- Notifications
You must be signed in to change notification settings - Fork68
Enable Dependabot version updates for Actions#89
Merged
Byron merged 1 commit intogitpython-developers:masterfromSep 11, 2023
Merged
Enable Dependabot version updates for Actions#89Byron merged 1 commit intogitpython-developers:masterfrom
Byron merged 1 commit intogitpython-developers:masterfrom
Conversation
This enables Dependabot version updates for GitHub Actions only(not Python dependencies), using the exact same configuration as inGitPython.
Member
Byron commentedSep 11, 2023
Thank you, Depandabot sounds like it could be helpful. I may mention that So if there would be a breaking change I'd love to do then it's to remove |
EliahKagan added a commit to EliahKagan/smmap that referenced this pull requestSep 17, 2023
This updates smmap's CI configuration in ways that are in line withrecent updates to gitdb's. In most cases there is no difference inthe changes, and the reason for the updates is more to avoidconfusing differences than from the value of the changesthemselves. In one case, there is a major difference (fetch-depth).-gitpython-developers/gitdb#89 (same)-gitpython-developers/gitdb#90 (same) It's just the project, not dependencies, but otherwise the same.-gitpython-developers/gitdb#92 (opposite) This is the major difference. We don't need more than the tip of the branch in these tests. Keeping the default fetch-depth of 1 by not setting it explicitly avoids giving the impression that the tests here are doing something they are not (and also serves as a speed optimization).-gitpython-developers/gitdb#93 (same)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Labels
None yet
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This enables Dependabot version updates for GitHub Actions only (not Python dependencies), using the exact same configuration asin GitPython.
Since this repository is less active than the GitPython repository, I considered changing the
dependabot.ymlfile to check for updatesmonthlyrather thanweekly. But I did not do so, because the GitHub Actions used in this repository's workflow are requested using major versions, and automatically use the latest minor (and, where applicable, patch) version in that major version automatically. As a result, Dependabot only needs to offer updates when a new major version comes out, which is a fairly infrequent event. So it is unlikely that this would ever generate an excessive number of automated pull requests.Because actions versions were recently updated as part of#88 (in32d12aa), if this pull request is merged then it should not be expected to cause Dependabot to generate any pull requests in the immediate future.