Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added Dependabot to automatically upgrade dependencies. #8115

Closed
wants to merge 2 commits into from
Closed

Added Dependabot to automatically upgrade dependencies. #8115

wants to merge 2 commits into from

Conversation

amirfarzamnia
Copy link

What does this PR do?

This pull request will introduce a new file named .github/dependabot.yml. This file will integrate a bot into the GitHub repository, enabling automatic upgrades for the utilized packages.

  • Documentation or TypeScript types
  • Code changes

How did you verify your code works?

The file has been verified using GitHub.

@xhyrom
Copy link
Collaborator

xhyrom commented Jan 12, 2024

I don't think this will work. Dependabot doesn't support bun dependabot/dependabot-core#6528

@ghiscoding
Copy link

on the other hand, one would have better chance with Renovate https://docs.renovatebot.com/modules/manager/bun/

@paperclover
Copy link
Member

thanks for the contribution, but i do not think this bot should be added. this doesn't cover all of the dependencies. it just gets the root of package.json, which is honestly the dependencies that dont really matter what version is being used.

the submodule dependencies are what matter more, but it almost always makes more sense to do these upgrades manually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@amirfarzamnia @xhyrom @ghiscoding @paperclover