-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci(build-main): replace GreenKeeper by Dependabot #1479
ci(build-main): replace GreenKeeper by Dependabot #1479
Conversation
fbd4661
to
68d5068
Compare
68d5068
to
f069ec2
Compare
@nicanac I updated this PR to remove completely |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice improvement!
Small remarks though :p
.dependabot/config.yml
Outdated
@@ -0,0 +1,127 @@ | |||
version: 1 | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add a comment here with the link to the config file docs? https://dependabot.com/docs/config-file/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that I can do easily 😛
Good idea! 😊
dependency_name: "@uirouter/angular" | ||
version_requirement: ">=6" | ||
- match: | ||
dependency_name: "@types/node" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm wondering if we should also indicate the versions of @types/node
we don't want to upgrade to (I think it would be >=11
right?). What do you think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right, it could be a good idea. Let's do it to maintain the types up to date 😊
.dependabot/config.yml
Outdated
@@ -0,0 +1,127 @@ | |||
version: 1 | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't we specify the commit_message
too like we did with Greenkeeper? What is the default commit message if we don't specify one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, we cannot customize commit messages as we can with GreenKeeper.
It's quite limited. The options are available here: https://dependabot.com/docs/config-file/#commit_message
You can see below the commit messages it does.
Update of a dep
chore(deps): bump @babel/preset-env in /packages/stark-build
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.1 to 7.8.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](babel/babel@v7.7.1...v7.8.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Auto merge of a PR:
Merge pull request #118 from SuperITMan/dependabot/npm_and_yarn/packages/stark-build/babel/preset-env-7.8.2
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, so maybe just specify this:
commit_message:
prefix: "chore"
include_scope: true
to ensure that the commit message will always be: chore(deps): bla bla
(I know that's the default but just in case 😉 )
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change applied 😊
f069ec2
to
3dc5de7
Compare
@christophercr @nicanac I updated my PR. Could you please have a look? 😊 |
3dc5de7
to
990b8b4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice, thanks.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
PR Checklist
Please check if your PR fulfills the following requirements:
PR Type
What kind of change does this PR introduce?
What is the current behavior?
GreenKeeper does his job well but... We need to update available "in range" updates ourselves.
When, a PR opened by GreenKeeper is opened for a certain time and is not in sync with the master anymore, we need to checkout the branch manually and rebase it.
What is the new behavior?
I suggest to use Dependabot instead of GreenKeeper. It's owned by GitHub and provide nice features like:
^1.0.0
, installed version is1.1.1
and version1.1.2
is available)Does this PR introduce a breaking change?
Other information