-
-
Notifications
You must be signed in to change notification settings - Fork 557
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set up dependabot / renovate #840
Comments
👎 I personally find those tools more spammy than helpful. |
@sindresorhus In a normal project I can agree, but since we have five dependencies only in this project and since some (tsd, typescript) are vital to keep up to date I think it would be good. Also, one can make Dependabot less spammy nowadays by having it create a single PR for all dependencies, see eg: hannobraun/fornjot#2269 (And Renovate can be run in eg. a Dashboard only mode, only producing eg. voxpelli/eslint-config#1 and no automatic PR:s, one need to toggle PR:s manually by checking the checkboxes) |
Fixes #840 I know @sindresorhus thinks this can get noisy, but I tried to make it as non-noisy as possible. I would really love to get notified when eg. a new `tsd`, `xo` or similar dependency needs to be updated, and same for GitHub Actions. This setup makes it so that at max one PR for npm and one PR for GitHub Actions will be created, and it will only be created/updated weekly, and for npm it will only create it if the version range _needs_ to be increased, so no needless bumping of the lower range of a version.
I think it would be great if PR:s like #838 and #839 was opened automatically. Especially something like the
tsd
one. Then it would be visible right away if a new version either breaks something or highlights something that was already broken but wasn't showing before, like #839 / #833.Thoughts @sindresorhus @skarab42 and others?
Upvote & Fund
The text was updated successfully, but these errors were encountered: