MNT: Will Dependabot help us?
See original GitHub issueDescription
Dependabot automatically checks and bumps upstream dependencies. Sounds useful for Javascript but not sure about Python. I set it up for astropy
on the fork and it seems to monitor these files by default:
pyproject.toml
setup.py
setup.cfg
I wonder if we can configure it to monitor our bundled external dependencies in cextern
and astropy/extern
. 💭
Also see
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Keeping your dependencies updated automatically ... - YouTube
Dependabot will send Pull Requests to your repo whenever a package is out ... Find me on other channels Discord http://bit.ly/dpt-discord ...
Read more >GitHub's dependabot is causing a ton of "spam" in our ...
GitHub's dependabot is causing a ton of "spam" in our frontend (Angular) repositories, as it seemingly opens 1-5 PRs per day to bump...
Read more >I have to tell you about Dependabot - DEV Community
Dependabot is an automation service that will automatically create PRs to keep ... Honestly, for me, it's like adding a member to my...
Read more >Keep all your packages up to date with Dependabot
Dependabot alleviates the pain of updating your dependencies by doing it automatically, so you can spend less time updating and more time ...
Read more >Using Dependabot with Azure DevOps - sanderh.dev
use `-e EXCON_DEBUG=1` to print detail message might help. The second one is for private registry, for me, I need to update the...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
For a library like astropy where we aim at the broadest compatibility with dependency versions, I don’t think it will be useful. It’s mostly useful when you pin package versions, and want to have control on updating versions.
I’m going to close this issue as per my previous message, but if you feel that this issue should stay open, then feel free to re-open and remove the Close? label.
If this is the first time I am commenting on this issue, or if you believe I closed this issue incorrectly, please report this here