question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

MNT: Will Dependabot help us?

See original GitHub issue

Description

Dependabot automatically checks and bumps upstream dependencies. Sounds useful for Javascript but not sure about Python. I set it up for astropy on the fork and it seems to monitor these files by default:

  • pyproject.toml
  • setup.py
  • setup.cfg

I wonder if we can configure it to monitor our bundled external dependencies in cextern and astropy/extern. 💭

Also see

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

2reactions
saimncommented, Jan 5, 2021

For a library like astropy where we aim at the broadest compatibility with dependency versions, I don’t think it will be useful. It’s mostly useful when you pin package versions, and want to have control on updating versions.

0reactions
github-actions[bot]commented, Jan 22, 2022

I’m going to close this issue as per my previous message, but if you feel that this issue should stay open, then feel free to re-open and remove the Close? label.

If this is the first time I am commenting on this issue, or if you believe I closed this issue incorrectly, please report this here

Read more comments on GitHub >

github_iconTop Results From Across the Web

Keeping your dependencies updated automatically ... - YouTube
Dependabot will send Pull Requests to your repo whenever a package is out ... Find me on other channels Discord http://bit.ly/dpt-discord ...
Read more >
GitHub's dependabot is causing a ton of "spam" in our ...
GitHub's dependabot is causing a ton of "spam" in our frontend (Angular) repositories, as it seemingly opens 1-5 PRs per day to bump...
Read more >
I have to tell you about Dependabot - DEV Community ‍ ‍
Dependabot is an automation service that will automatically create PRs to keep ... Honestly, for me, it's like adding a member to my...
Read more >
Keep all your packages up to date with Dependabot
Dependabot alleviates the pain of updating your dependencies by doing it automatically, so you can spend less time updating and more time ...
Read more >
Using Dependabot with Azure DevOps - sanderh.dev
use `-e EXCON_DEBUG=1` to print detail message might help. The second one is for private registry, for me, I need to update the...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found