Pretty cool, I like that (if only Travis would be a little more reliable). Cheers, Daniel
On Wed, Apr 3, 2019 at 9:43 AM Florian Hockmann <[email protected]> wrote: > Hi, > > we have a lot of dependencies in TinkerPop in different projects and > even across different languages. That makes it hard to keep them updated > which sometimes has security implications. > > I recently noticed that other open source projects use a bot that > regularly checks whether any updates are available for their > dependencies and then creates one PR per dependency. Just to try it out > with TinkerPop, I activated such a bot on my fork: > > https://github.com/florianhockmann/tinkerpop/pulls > > and the overall result looks quite good in my opinion. It created a lot > of PRs* and most could probably be directly merged. The bot can also be > easily configured just by adding comments to its PR, for example to > ignore a certain (major/minor/patch) version of a dependency: > > https://github.com/FlorianHockmann/tinkerpop/pull/24#issuecomment-473936360 > > What do you think about adding such a bot for our repo? > > > * This is limited to only 5 PRs per day at first to not overwhelm a > project with PRs. > > >
