-
Notifications
You must be signed in to change notification settings - Fork 236
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade to GitHub Dependabot #402
Conversation
Thanks for the PR (and your patience 😊)! This is definitely something that needs to happen. But there are still a lot of open questions:
|
You made very good observations. I don't have a definitive answer to all of them but I will tell what I know from the 6 repos that I own and are using the configs on the proposed PR #402 and #401.
UPDATE: Github staff responded the remaining questions:
|
Thank you so much for the research. |
While some things are still in motion here, I went ahead and switched the Cookiecutter repository itself to GitHub Dependabot. Following the official flow, I did the following:
I credited you as a co-author on the Dependabot PR, and merged it. As far as I can see, the following still needs to happen here (not saying you have to do this, but you are welcome to 😄):
For now, let's not remove the configuration sections for the requirements files under |
Update legacy documentation Fix extra space on YAML Fix other space pre-commit didn't get
9631098
to
2a16143
Compare
@cjolowicz done. About the badge issue, one alternative to waiting is removing it from READMEs until the issue is fixed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Excited that this becoming a thing 💯 and thanks again for doing the work! I left a few small suggestions for the changes to the User Guide.
I agree with you that we can simply remove the Dependabot badge for now. Let's do that.
Can you please also revert all the changes to the top-level .github/dependabot.yml
? I think this file is fine the way #431 added it. Sorry for not expressing this more clearly earlier.
Co-authored-by: Claudio Jolowicz <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
Hooray! |
Closes #347