Skip to content

Commit

Permalink
.github: dependabot: Group pydantic updates together
Browse files Browse the repository at this point in the history 
Pydantic regularly blocks our scheduled monthly scheduled version
updates to be merged comfortably as the core backend library isn't
released at the same time as the API library that consumes it. Worse
even, there is a hard version dependency between pydantic and
pydantic-core causing an update to the latter block the former from
simply accepting anything newer:

    The conflict is caused by:
        The user requested pydantic-core==2.23.1
        pydantic 2.8.2 depends on pydantic-core==2.20.1

Fix this by excluding pydantic from the bigger group update and group
pydantic updates in its own group which can be left sitting as a
dependabot PR until both versions match which will cause an auto
update of the PR and hence ultimately passing our CI.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
  • Loading branch information
@eskultety
eskultety committed Sep 9, 2024
1 parent bbbe5d3 commit 24f35ee
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,3 +24,15 @@ updates:
update-types:
- "minor"
- "patch"
exclude_patterns:
- "pydantic*"

# pydantic is a known violator of version updates where they don't release the core backend
# with the API library at the same time which holds up other legitimate updates, so group
# pydantic deps together
pydantic:
update-types:
- "minor"
- "patch"
patterns:
- "pydantic*"

0 comments on commit 24f35ee

Please sign in to comment.