Dependabot
To keep our packages updated, we use dependabot to send pull requests to our repo automatically everytime there is an update.
In the image below, there are 2 scenarios:
- Passing - This means that the update passes our deployment and test check so it has low risk of breaking our builds. After 2 approvals it can be merged
- Failing - This is a breaking update that causes either our tests or deployment to fail. To remedy this, you would have to pull the change into your development environment and make fixes, then send up a new pull request (and closing the dependabot pull request).
