Enable Dependabot version updates for Actions #89
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This enables Dependabot version updates for GitHub Actions only (not Python dependencies), using the exact same configuration as in GitPython.
|
Thank you, Depandabot sounds like it could be helpful. I may mention that So if there would be a breaking change I'd love to do then it's to remove |
EliahKagan
added a commit
to EliahKagan/smmap
that referenced
this pull request
Sep 17, 2023
This updates smmap's CI configuration in ways that are in line with recent updates to gitdb's. In most cases there is no difference in the changes, and the reason for the updates is more to avoid confusing differences than from the value of the changes themselves. In one case, there is a major difference (fetch-depth). - gitpython-developers/gitdb#89 (same) - gitpython-developers/gitdb#90 (same) It's just the project, not dependencies, but otherwise the same. - gitpython-developers/gitdb#92 (opposite) This is the major difference. We don't need more than the tip of the branch in these tests. Keeping the default fetch-depth of 1 by not setting it explicitly avoids giving the impression that the tests here are doing something they are not (and also serves as a speed optimization). - gitpython-developers/gitdb#93 (same)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This enables Dependabot version updates for GitHub Actions only (not Python dependencies), using the exact same configuration as in GitPython.
Since this repository is less active than the GitPython repository, I considered changing the
dependabot.ymlfile to check for updatesmonthlyrather thanweekly. But I did not do so, because the GitHub Actions used in this repository's workflow are requested using major versions, and automatically use the latest minor (and, where applicable, patch) version in that major version automatically. As a result, Dependabot only needs to offer updates when a new major version comes out, which is a fairly infrequent event. So it is unlikely that this would ever generate an excessive number of automated pull requests.Because actions versions were recently updated as part of #88 (in 32d12aa), if this pull request is merged then it should not be expected to cause Dependabot to generate any pull requests in the immediate future.