ci(build-main): replace GreenKeeper by Dependabot

[SuperITMan]

PR Checklist

Please check if your PR fulfills the following requirements:

• The commit message follows our guidelines: https://github.com/NationalBankBelgium/stark/blob/master/CONTRIBUTING.md#-commit-message-guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

[ ] Bugfix
[X] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Build related changes
[X] CI related changes
[ ] Documentation content changes
[ ] Other... Please describe:

What is the current behavior?

GreenKeeper does his job well but... We need to update available "in range" updates ourselves.
When, a PR opened by GreenKeeper is opened for a certain time and is not in sync with the master anymore, we need to checkout the branch manually and rebase it.

What is the new behavior?

I suggest to use Dependabot instead of GreenKeeper. It's owned by GitHub and provide nice features like:

• auto update and merge, based on test results, of "in range" updates (when required version is ^1.0.0, installed version is 1.1.1 and version 1.1.2 is available)
• a bot that we can use to automatically rebase, recreate a PR
• ability to ignore certain updates for a dependency instead of ignoring totally the dependency
• ...

Does this PR introduce a breaking change?

[ ] Yes
[x] No

Other information

[coveralls]

Coverage remained the same at 94.067% when pulling 990b8b4 on SuperITMan:feature/replace-greenkeeper-by-dependabot into b157a68 on NationalBankBelgium:master.

[SuperITMan]

@nicanac I updated this PR to remove completely AUTHOR_NAME variable from travis file since it's not necessary anymore. It could solve our issues with amended commits in Travis.
Could you please have a look ? 😊

[christophercr]

Nice improvement!

Small remarks though :p

[christophercr]

Can you add a comment here with the link to the config file docs? https://dependabot.com/docs/config-file/

[SuperITMan]

Yes, that I can do easily 😛
Good idea! 😊

[christophercr]

I'm wondering if we should also indicate the versions of @types/node we don't want to upgrade to (I think it would be >=11 right?). What do you think?

[SuperITMan]

You're right, it could be a good idea. Let's do it to maintain the types up to date 😊

[christophercr]

Shouldn't we specify the commit_message too like we did with Greenkeeper? What is the default commit message if we don't specify one?

[SuperITMan]

Actually, we cannot customize commit messages as we can with GreenKeeper.
It's quite limited. The options are available here: https://dependabot.com/docs/config-file/#commit_message

You can see below the commit messages it does.

Update of a dep

chore(deps): bump @babel/preset-env in /packages/stark-build

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.1 to 7.8.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](babel/babel@v7.7.1...v7.8.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Auto merge of a PR:

Merge pull request #118 from SuperITMan/dependabot/npm_and_yarn/packages/stark-build/babel/preset-env-7.8.2

[christophercr]

Ok, so maybe just specify this:

commit_message:
      prefix: "chore"
      include_scope: true

to ensure that the commit message will always be: chore(deps): bla bla (I know that's the default but just in case 😉 )

[SuperITMan]

Change applied 😊

[SuperITMan]

@christophercr @nicanac I updated my PR. Could you please have a look? 😊

[nicanac]

nice, thanks.

[christophercr]

👍