Tacsipacsi added a comment.
I see your point, but the problem with this approach is that it potentially blocks unrelated development, like in my case <https://gerrit.wikimedia.org/r/c/pywikibot/core/+/1162017>. I find the approach of Dependabot <https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide> much better: it constantly updates dependencies, but in separate PRs (changes in Gerrit speak), so if a new dependency version breaks the code, CI fails only on that change, and not everywhere. Also, the CI failure is less mysterious, since it’s no longer tied to the timing, but to code changes. Wikimedia LibUp <https://www.mediawiki.org/wiki/LibUp> is similar to Dependabot, but it needs to be manually triggered (which makes it still helpful when one wants to update Codex in dozens of MediaWiki extension repositories, but not so much when we’re speaking about Python libraries only used by Pywikibot). Maybe there could be an option in LibUp, or a separate tool (let’s call it LibUpAuto) that works automatically, similarly to Dependabot. TASK DETAIL https://phabricator.wikimedia.org/T409656 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/
_______________________________________________ pywikibot-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected]
