Re: dependabot [was:Project items]
By putting in the .github/dependabot.yml dependabot gets triggered. tick. No INFRA needed. It has a built-in limit so as not to flood the "pulls" (the limit is 5-ish). Doc says 5, there are 6. PRs happen on clones of Jena. Hmm. Unexpected. Andy On 11/11/2020 14:50, Andy Seaborne wrote: I'll give it a go. The documentation says it just needs write permission to the repo - not a "settings" thing. Merged - waiting for the first run ... On 10/11/2020 19:19, aj...@apache.org wrote: +1 If it's not useful we can turn it off. Adam On Tue, Nov 10, 2020, 12:28 PM Andy Seaborne wrote: I'd like to add dependabot to the git repo to tell us about dependencies updates. dependabot sends PRs to the project, including gathering documentation and explanation if available so we get to review the proposed changes. I've a very simple setup on another project: https://github.com/afs/rdf-delta/blob/main/.github/dependabot.yml The github documentation: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/keeping-your-dependencies-updated-automatically The first time it runs we will likely get quite a few updates because we have quite a few dependencies. We don't have to acceet the recommendations! Andy
Re: dependabot [was:Project items]
+1 If it's not useful we can turn it off. Adam On Tue, Nov 10, 2020, 12:28 PM Andy Seaborne wrote: > I'd like to add dependabot to the git repo to tell us about dependencies > updates. > > dependabot sends PRs to the project, including gathering documentation > and explanation if available so we get to review the proposed changes. > > I've a very simple setup on another project: > > https://github.com/afs/rdf-delta/blob/main/.github/dependabot.yml > > > The github documentation: > > > https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/keeping-your-dependencies-updated-automatically > > > The first time it runs we will likely get quite a few updates because we > have quite a few dependencies. > > We don't have to acceet the recommendations! > > Andy >
dependabot [was:Project items]
I'd like to add dependabot to the git repo to tell us about dependencies updates. dependabot sends PRs to the project, including gathering documentation and explanation if available so we get to review the proposed changes. I've a very simple setup on another project: https://github.com/afs/rdf-delta/blob/main/.github/dependabot.yml The github documentation: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/keeping-your-dependencies-updated-automatically The first time it runs we will likely get quite a few updates because we have quite a few dependencies. We don't have to acceet the recommendations! Andy