From 2a161438d627283878a9231d0479939eb0e471c2 Mon Sep 17 00:00:00 2001 From: staticdev Date: Tue, 16 Jun 2020 09:39:55 -0300 Subject: [PATCH 1/7] Add upgraded config files and process documentation Update legacy documentation Fix extra space on YAML Fix other space pre-commit didn't get --- .github/dependabot.yml | 35 ++++++------------- README.rst | 2 +- docs/guide.rst | 7 ++-- .../.dependabot/config.yml | 26 -------------- .../.github/dependabot.yml | 26 ++++++++++++++ 5 files changed, 41 insertions(+), 55 deletions(-) delete mode 100644 {{cookiecutter.project_name}}/.dependabot/config.yml create mode 100644 {{cookiecutter.project_name}}/.github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 56a022ca2..1222b6c9f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,35 +1,20 @@ version: 2 updates: - - package-ecosystem: pip - directory: "/docs" + - package-ecosystem: github-actions + directory: "/" schedule: interval: daily - time: "04:00" - timezone: "Europe/Berlin" - labels: - - "cookiecutter" - - "dependencies" - - "python" - open-pull-requests-limit: 99 + time: "09:00" + open-pull-requests-limit: 10 - package-ecosystem: pip directory: "/.github/workflows" schedule: interval: daily - time: "04:00" - timezone: "Europe/Berlin" - labels: - - "cookiecutter" - - "dependencies" - - "python" - open-pull-requests-limit: 99 - - package-ecosystem: github-actions - directory: "/" + time: "09:00" + open-pull-requests-limit: 10 + - package-ecosystem: pip + directory: "/docs" schedule: interval: daily - time: "04:00" - timezone: "Europe/Berlin" - labels: - - "cookiecutter" - - "dependencies" - - "github_actions" - open-pull-requests-limit: 99 + time: "09:00" + open-pull-requests-limit: 10 diff --git a/README.rst b/README.rst index 822959257..93b990ffb 100644 --- a/README.rst +++ b/README.rst @@ -227,7 +227,7 @@ Dependabot 1. Sign up at Dependabot_. 2. Install their GitHub app. - +3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`. Read the Docs ~~~~~~~~~~~~~ diff --git a/docs/guide.rst b/docs/guide.rst index 301f4ace1..726fdd566 100644 --- a/docs/guide.rst +++ b/docs/guide.rst @@ -405,7 +405,7 @@ and links each file to a section with more details. ===================================== ======================================== ``.cookiecutter.json`` :ref:`Project variables ` ``.darglint`` Configuration for :ref:`darglint ` - ``.dependabot/config.yml`` Configuration for :ref:`Dependabot ` + ``.github/dependabot.yml`` Configuration for :ref:`Dependabot ` ``.flake8`` Configuration for :ref:`Flake8 ` ``.gitattributes`` `Git attributes <.gitattributes_>`__ ``.gitignore`` `Git ignore file <.gitignore_>`__ @@ -1925,11 +1925,12 @@ Follow these steps to set up Dependabot for your repository: 1. Sign up at Dependabot_. 2. Install their GitHub app. +3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`. The configuration is included in the repository, -in the file `.dependabot/config.yml`__. +in the file `.github/dependabot.yml`__. -__ https://dependabot.com/docs/config-file/ +__ https://help.github.com/en/github/administering-a-repository/customizing-dependency-updates Dependabot integrates with your repository via its GitHub app. diff --git a/{{cookiecutter.project_name}}/.dependabot/config.yml b/{{cookiecutter.project_name}}/.dependabot/config.yml deleted file mode 100644 index 837e3e88d..000000000 --- a/{{cookiecutter.project_name}}/.dependabot/config.yml +++ /dev/null @@ -1,26 +0,0 @@ -version: 1 -update_configs: - - package_manager: "python" - directory: "/" - update_schedule: "daily" - allowed_updates: - - match: - update_type: "all" - - package_manager: "python" - directory: "/docs" - update_schedule: "daily" - allowed_updates: - - match: - update_type: "all" - - package_manager: "python" - directory: "/.github/workflows" - update_schedule: "daily" - allowed_updates: - - match: - update_type: "all" - - package_manager: "github_actions" - directory: "/" - update_schedule: "daily" - allowed_updates: - - match: - update_type: "all" diff --git a/{{cookiecutter.project_name}}/.github/dependabot.yml b/{{cookiecutter.project_name}}/.github/dependabot.yml new file mode 100644 index 000000000..6f8d6fa5a --- /dev/null +++ b/{{cookiecutter.project_name}}/.github/dependabot.yml @@ -0,0 +1,26 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: daily + time: "09:00" + open-pull-requests-limit: 10 + - package-ecosystem: pip + directory: "/.github/workflows" + schedule: + interval: daily + time: "09:00" + open-pull-requests-limit: 10 + - package-ecosystem: pip + directory: "/docs" + schedule: + interval: daily + time: "09:00" + open-pull-requests-limit: 10 + - package-ecosystem: pip + directory: "/" + schedule: + interval: daily + time: "09:00" + open-pull-requests-limit: 10 From 784945561b486a6d547d2ab659bb22d2af9e801d Mon Sep 17 00:00:00 2001 From: staticdev Date: Wed, 8 Jul 2020 17:59:06 -0300 Subject: [PATCH 2/7] Remove unnecessary configs --- .github/dependabot.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1222b6c9f..f32fc91e8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,19 +2,19 @@ version: 2 updates: - package-ecosystem: github-actions directory: "/" - schedule: - interval: daily - time: "09:00" - open-pull-requests-limit: 10 + labels: + - "cookiecutter" + - "dependencies" + - "python" - package-ecosystem: pip directory: "/.github/workflows" - schedule: - interval: daily - time: "09:00" - open-pull-requests-limit: 10 + labels: + - "cookiecutter" + - "dependencies" + - "python" - package-ecosystem: pip directory: "/docs" - schedule: - interval: daily - time: "09:00" - open-pull-requests-limit: 10 + labels: + - "cookiecutter" + - "dependencies" + - "python" From f470eb2252336362c524c9c91bc5b766c32754b2 Mon Sep 17 00:00:00 2001 From: staticdev Date: Wed, 8 Jul 2020 18:02:04 -0300 Subject: [PATCH 3/7] Add back schedule.interval --- .github/dependabot.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f32fc91e8..0dbcbfa90 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,18 +2,24 @@ version: 2 updates: - package-ecosystem: github-actions directory: "/" + schedule: + interval: daily labels: - "cookiecutter" - "dependencies" - "python" - package-ecosystem: pip directory: "/.github/workflows" + schedule: + interval: daily labels: - "cookiecutter" - "dependencies" - "python" - package-ecosystem: pip directory: "/docs" + schedule: + interval: daily labels: - "cookiecutter" - "dependencies" From e22f5047e4d1d364ada4bedad98f21afbec4243e Mon Sep 17 00:00:00 2001 From: staticdev Date: Wed, 8 Jul 2020 18:14:52 -0300 Subject: [PATCH 4/7] Remove unnecessary configs from internal project --- {{cookiecutter.project_name}}/.github/dependabot.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/{{cookiecutter.project_name}}/.github/dependabot.yml b/{{cookiecutter.project_name}}/.github/dependabot.yml index 6f8d6fa5a..a0a5c7350 100644 --- a/{{cookiecutter.project_name}}/.github/dependabot.yml +++ b/{{cookiecutter.project_name}}/.github/dependabot.yml @@ -4,23 +4,15 @@ updates: directory: "/" schedule: interval: daily - time: "09:00" - open-pull-requests-limit: 10 - package-ecosystem: pip directory: "/.github/workflows" schedule: interval: daily - time: "09:00" - open-pull-requests-limit: 10 - package-ecosystem: pip directory: "/docs" schedule: interval: daily - time: "09:00" - open-pull-requests-limit: 10 - package-ecosystem: pip directory: "/" schedule: interval: daily - time: "09:00" - open-pull-requests-limit: 10 From 88d68cb732a73999e56b612fb1a59b4b08084085 Mon Sep 17 00:00:00 2001 From: staticdev Date: Wed, 8 Jul 2020 18:33:00 -0300 Subject: [PATCH 5/7] Update documentation --- README.rst | 7 ------- docs/guide.rst | 8 ++++---- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/README.rst b/README.rst index 93b990ffb..1a45cfa8a 100644 --- a/README.rst +++ b/README.rst @@ -222,13 +222,6 @@ Codecov 2. Install their GitHub app. -Dependabot -~~~~~~~~~~ - -1. Sign up at Dependabot_. -2. Install their GitHub app. -3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`. - Read the Docs ~~~~~~~~~~~~~ diff --git a/docs/guide.rst b/docs/guide.rst index 726fdd566..0e92d2a13 100644 --- a/docs/guide.rst +++ b/docs/guide.rst @@ -1921,11 +1921,9 @@ Dependabot Dependabot_ creates pull requests with automated dependency updates. -Follow these steps to set up Dependabot for your repository: +Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`. -1. Sign up at Dependabot_. -2. Install their GitHub app. -3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`. +More on `official documentation`_ for GitHub Dependabot. The configuration is included in the repository, in the file `.github/dependabot.yml`__. @@ -1951,6 +1949,8 @@ It manages the following dependencies: =================== ===================================== ================================================ +.. _official documentation: https://docs.github.com/en/github/administering-a-repository/keeping-your-dependencies-updated-automatically + .. _Read the Docs integration: Read the Docs From a5b0430dd2a55799c173f262667b1fb8783b19d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thiago=20C=2E=20D=27=C3=81vila?= Date: Thu, 9 Jul 2020 11:54:25 -0300 Subject: [PATCH 6/7] Apply suggestions from code review Co-authored-by: Claudio Jolowicz --- docs/guide.rst | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/docs/guide.rst b/docs/guide.rst index 0e92d2a13..ae674f229 100644 --- a/docs/guide.rst +++ b/docs/guide.rst @@ -1921,16 +1921,16 @@ Dependabot Dependabot_ creates pull requests with automated dependency updates. -Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`. -More on `official documentation`_ for GitHub Dependabot. +Please refer to the `official documentation`__ for more details. + +__ https://docs.github.com/en/github/administering-a-repository/keeping-your-dependencies-updated-automatically The configuration is included in the repository, in the file `.github/dependabot.yml`__. -__ https://help.github.com/en/github/administering-a-repository/customizing-dependency-updates +__ https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates -Dependabot integrates with your repository via its GitHub app. It manages the following dependencies: @@ -1949,8 +1949,6 @@ It manages the following dependencies: =================== ===================================== ================================================ -.. _official documentation: https://docs.github.com/en/github/administering-a-repository/keeping-your-dependencies-updated-automatically - .. _Read the Docs integration: Read the Docs From 7317442f2c7fd59ecccae8f795ed3e0a393b428c Mon Sep 17 00:00:00 2001 From: staticdev Date: Thu, 9 Jul 2020 11:58:20 -0300 Subject: [PATCH 7/7] Revert .github/dependabot.yml --- .github/dependabot.yml | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0dbcbfa90..56a022ca2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,26 +1,35 @@ version: 2 updates: - - package-ecosystem: github-actions - directory: "/" + - package-ecosystem: pip + directory: "/docs" schedule: interval: daily + time: "04:00" + timezone: "Europe/Berlin" labels: - "cookiecutter" - "dependencies" - "python" + open-pull-requests-limit: 99 - package-ecosystem: pip directory: "/.github/workflows" schedule: interval: daily + time: "04:00" + timezone: "Europe/Berlin" labels: - "cookiecutter" - "dependencies" - "python" - - package-ecosystem: pip - directory: "/docs" + open-pull-requests-limit: 99 + - package-ecosystem: github-actions + directory: "/" schedule: interval: daily + time: "04:00" + timezone: "Europe/Berlin" labels: - "cookiecutter" - "dependencies" - - "python" + - "github_actions" + open-pull-requests-limit: 99