Skip to content

Commit

Permalink
Create initial depandabot.yml to tackle batch python dependency update (
Browse files Browse the repository at this point in the history 
#1060)

This ticket adds 'Dependabot Version Update' for all python dependencies except mypy dependencies in test_requirements.
We made a decision (@AntonyMilneQB , @tynandebold ) to limit front-end to only 'Dependabot Security Updates'

Since this is the first time we are doing this, there's a long list of python dependencies that needs to be updated (~20) For this purpose we have set up this ticket as the initial dependabot PR to do a batch update.

Following this we will create another PR with slightly different configurations to handle regular updates.
  • Loading branch information
@rashidakanchwala
rashidakanchwala committed Sep 16, 2022
1 parent df03bd6 commit 388a1af
Showing 1 changed file with 18 additions and 0 deletions.
18 changes: 18 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "pip" # See documentation for possible values
directory: "/package" # Location of package manifests
schedule:
interval: "daily"
target-branch: "dependency-update"
ignore:
- dependency-name: "types-*"
labels:
- "python"
- "dependencies"
open-pull-requests-limit: 50

0 comments on commit 388a1af

Please sign in to comment.