Bump pproxy from 2.3.5 to 2.3.7 #212
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
force-pushed
the
dependabot/pip/pproxy-2.3.7
branch
2 times, most recently
from
339be6b to
23dad24
Compare
|
These patch updates are a bit noisy. Not sure if there's away to tell Dependabot to:
|
dependabot
bot
force-pushed
the
dependabot/pip/pproxy-2.3.7
branch
from
23dad24 to
e35bb51
Compare
Bumps [pproxy](https://github.com/qwj/python-proxy) from 2.3.5 to 2.3.7. - [Release notes](https://github.com/qwj/python-proxy/releases) - [Commits](https://github.com/qwj/python-proxy/commits) Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/pip/pproxy-2.3.7
branch
from
e35bb51 to
c53334d
Compare
|
@florimondmanca it doesn't seem possible to auto-merge PR's directly. Regarding skipping patch bumps, I see two options:
What do you think? |
|
Do you know if it's possible to combine all the update changes in one PR? E.g. to run the bot pipeline weekly, creating a commit with all weekly changes and a pr with the changes? Or may be the dev dependencies updates might be performed per release basis? (I do it this way on my work project, but we have a regular releases) Then workflow might look like:
|
|
Weekly seems fine to me, Dependabot will also close out outdated PRs if a new version gets released before the old one is approved/merged. I don't think that combining the PRs would be good, as it may make breaking issues harder to debug, but an |
|
No, combining bumps in the same PR is not possible unfortunately. |
|
Switching to monthly is a good plan - we don't particularly need regular updates on our tooling. The important thing is that we're using pinned version for our build, not that we're always up-to-date with the very very latest tooling versions. |
|
Agreed with @tomchristie — if there's a monthly schedule then I think I'd be up for us switching to that. 👍 |
Bumps pproxy from 2.3.5 to 2.3.7.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)