mbien commented on PR #4194: URL: https://github.com/apache/netbeans/pull/4194#issuecomment-1150080714
> you are right @mbien the PR dependencies based on maven would be useless in our case. I think they might be useful if it simply generates a list (just like the version plugin basically). This could give us a good overview about what is used where, point out EOL dependencies etc. But the main "feature" of dependabot is that it is creating PRs, and those PRs run the tests. Devs can see ahead of time if a lib upgrade breaks the project. That won't work or us because we can't translate the maven versions back to NB's own dependency system (maybe we can, but thats extra work - might not be worth it). However, I don't think this is bad at all! I believe having the ability to print all used versions and possible updates can be quite useful. Dependabot would have created most likely too much noise anyway for a project like NB. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
