Le ven. 4 juin 2021 à 21:57, Benjamin Marwell <bmarw...@apache.org> a écrit : > > > see such brances here: > > https://gitbox.apache.org/repos/asf?p=commons-geometry.git > > but not in any of: > > https://gitbox.apache.org/repos/asf?p=commons-math.git > > > > You need to look here instead: > https://github.com/apache/commons-geometry/blob/master/.github/dependabot.yml > <- dependabot activated > https://github.com/apache/commons-math <-- no dependabot activated
The piece I was missing. > PMCs/Committers can activate the bot per repo (or Infra, I actually don't > know). > Since it is not activated on the latter three repos, there is no > dependabot activity and hence nothing to sync over to gitbox. > > > There must be, since we don't see all the other PRs. > > There are PRs in the enabled repos: > https://github.com/apache/commons-geometry/pulls/app%2Fdependabot > > And there are non in the repos where dependabot is not enabled: > https://github.com/apache/commons-math/pulls/app%2Fdependabot > > Nothing unexpected here, is there? No, once you know where to look. Tracking this piece of information, we get https://issues.apache.org/jira/browse/GEOMETRY-104 I agree with what Alex said in the first part of his comment there: No added value... > > $ git branch -a > > there are about "dependabot" lines that clutter the output. > > dependabot does not create the PRs by forking the repo and creating > PRs from its branches. > Instead you give dependabot write access to the Apache repo. I don't recall that we ever agreed on such a behaviour. I interpret the second part of the comment ("Feel free to try out dependabot") as this experiment having no impact on other users of the repository. IOW, this should have been a feature to be managed through github, not showing up on gitbox. > The branches are created there, directly in the Apache repo. > This is why you see them when doing $ git branch -a. > > If you don't want to see them, why not exclude them in your local > clone (.git/config)? > Like so: > https://stackoverflow.com/a/37165609/1549977 I don't think that non-users having to work around is the proper solution. Thanks, Gilles > > > > Am Fr., 4. Juni 2021 um 19:20 Uhr schrieb Gilles Sadowski > <gillese...@gmail.com>: > > > > Le jeu. 3 juin 2021 à 21:49, Benjamin Marwell <bmarw...@apache.org> a écrit > > : > > > > > > Ah yes, branches are being synced over, of course. > > > > ? > > > > I see such brances here: > > https://gitbox.apache.org/repos/asf?p=commons-geometry.git > > but not in any of: > > https://gitbox.apache.org/repos/asf?p=commons-math.git > > https://gitbox.apache.org/repos/asf?p=commons-rng.git > > https://gitbox.apache.org/repos/asf?p=commons-numbers.git > > > > Hence my wondering about what config is causing the different behaviours. > > > > > On GitHub, just go to the Pull Requests tab and either merge them or close > > > them. There is not much more to it. > > > > There must be, since we don't see all the other PRs. > > > > > If you are not a committer, you can safely ignore them. > > > > Well, I'd like to know how to achieve that. > > For example, doing > > $ git branch -a > > there are about "dependabot" lines that clutter the output. > > > > Regards, > > Gilles > > > > > > > > You probably have googled dependabot at this point, but just in case here > > > is a quick overview: > > > > > > https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/ > > > > > > > > > On Thu, 3 Jun 2021, 19:43 Gilles Sadowski, <gillese...@gmail.com> wrote: > > > > > > > Le jeu. 3 juin 2021 à 19:18, Benjamin Marwell <bmarw...@apache.org> a > > > > écrit : > > > > > > > > > > It's a bot which creates a PR on GitHub for each dependency update. > > > > > > > > > > You won't see it in the Apache git probably. > > > > > > > > They are listed as "origin" which is the ASF repository: > > > > $ git remote -v > > > > github https://github.com/apache/commons-geometry.git (fetch) > > > > github https://github.com/apache/commons-geometry.git (push) > > > > origin https://gitbox.apache.org/repos/asf/commons-geometry.git (fetch) > > > > origin https://gitbox.apache.org/repos/asf/commons-geometry.git (push) > > > > > > > > And some of the branches (why not all?) are listed here: > > > > https://gitbox.apache.org/repos/asf?p=commons-geometry.git > > > > > > > > > > > > > > You can disable the bot using a config file or exclude some > > > > > dependencies > > > > > etc. > > > > > > > > Indeed, is this intended or is there a misconfiguration somewhere? > > > > > > > > > > > > Gilles > > > > > > > > > > > > > > Most projects use it by now, but often major updates are being closed > > > > > and > > > > > manually updated instead. > > > > > > > > > > > > > > > On Thu, 3 Jun 2021, 18:23 Gilles Sadowski, <gillese...@gmail.com> > > > > > wrote: > > > > > > > > > > > Hello. > > > > > > > > > > > > What's the purpose of all those "dependabot" branches? > > > > > > > > > > > > $ git branch -a > > > > > > 1.0-beta1-release > > > > > > * master > > > > > > remotes/github/master > > > > > > remotes/origin/1.0-beta1-release > > > > > > remotes/origin/GEOMETRY-53 > > > > > > remotes/origin/GEOMETRY-54 > > > > > > remotes/origin/GEOMETRY-56 > > > > > > remotes/origin/dependabot/maven/com.github.spotbugs-spotbugs-4.2.0 > > > > > > > > > > > > > > > > remotes/origin/dependabot/maven/com.github.spotbugs-spotbugs-maven-plugin-4.1.4 > > > > > > > > > > > > > > > > remotes/origin/dependabot/maven/com.github.spotbugs-spotbugs-maven-plugin-4.2.0 > > > > > > > > > > > > > > > > remotes/origin/dependabot/maven/com.github.spotbugs-spotbugs-maven-plugin-4.2.2 > > > > > > > > > > > > remotes/origin/dependabot/maven/com.puppycrawl.tools-checkstyle-8.38 > > > > > > > > > > > > remotes/origin/dependabot/maven/com.puppycrawl.tools-checkstyle-8.39 > > > > > > > > > > remotes/origin/dependabot/maven/com.puppycrawl.tools-checkstyle-8.41.1 > > > > > > > > > > > > remotes/origin/dependabot/maven/com.puppycrawl.tools-checkstyle-8.43 > > > > > > remotes/origin/dependabot/maven/geometry.pmd.dep.version-6.30.0 > > > > > > remotes/origin/dependabot/maven/geometry.pmd.dep.version-6.31.0 > > > > > > remotes/origin/dependabot/maven/geometry.pmd.dep.version-6.35.0 > > > > > > remotes/origin/dependabot/maven/jmh.version-1.27 > > > > > > remotes/origin/dependabot/maven/jmh.version-1.32 > > > > > > > > > > > > > > > > remotes/origin/dependabot/maven/org.apache.maven.plugins-maven-checkstyle-plugin-3.1.2 > > > > > > > > > > > > > > > > remotes/origin/dependabot/maven/org.apache.maven.plugins-maven-pmd-plugin-3.14.0 > > > > > > > > > > remotes/origin/dependabot/maven/org.ekstazi-ekstazi-maven-plugin-5.3.0 > > > > > > remotes/origin/dependabot/maven/org.junit-junit-bom-5.7.1 > > > > > > remotes/origin/dependabot/maven/org.junit-junit-bom-5.7.2 > > > > > > remotes/origin/master --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org