Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to GitHub-native Dependabot #68

Merged
merged 3 commits into from
Sep 24, 2024
Merged

Upgrade to GitHub-native Dependabot #68

merged 3 commits into from
Sep 24, 2024

Conversation

dependabot-preview[bot]
Copy link
Contributor

Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then.

Dependabot has been fully integrated into GitHub, so you no longer have to install and manage a separate app. This pull request migrates your configuration from Dependabot.com to a config file, using the new syntax. When merged, we'll swap out dependabot-preview (me) for a new dependabot app, and you'll be all set!

With this change, you'll now use the Dependabot page in GitHub, rather than the Dependabot dashboard, to monitor your version updates, and you'll configure Dependabot through the new config file rather than a UI.

If you've got any questions or feedback for us, please let us know by creating an issue in the dependabot/dependabot-core repository.

Learn more about migrating to GitHub-native Dependabot

Please note that regular @dependabot commands do not work on this pull request.

@dependabot-preview
Copy link
Contributor Author

As a reminder, Dependabot Preview will be shut down on August 3rd, 2021. You can merge this pull request to migrate to GitHub-native Dependabot. You can read the docs to learn more about what's changing, as well as find out how to get support if you need help migrating.

@Tabby Tabby force-pushed the dependabot/add-v2-config-file branch from cccb6d1 to e51e677 Compare December 13, 2022 12:32
@Tabby Tabby requested a review from a team December 13, 2022 12:34
@sgerrand
Copy link

👋 @Tabby, when do you think this change will be reviewed? This gem has a few outdated dependencies which @dependabot would help with managing.

$ bundle outdated
Fetching gem metadata from https://rubygems.org/..........
Resolving dependencies...

Gem                    Current  Latest  Requested    Groups
activesupport          6.1.7.8  7.2.1   >= 4.2, < 7  development
gc_ruboconfig          3.6.2    5.0.2   ~> 3.6       development
rspec_junit_formatter  0.4.1    0.6.0   ~> 0.4.1     development

@Tabby
Copy link
Contributor

Tabby commented Sep 24, 2024

👋 @Tabby, when do you think this change will be reviewed? This gem has a few outdated dependencies which @dependabot would help with managing.

$ bundle outdated
Fetching gem metadata from https://rubygems.org/..........
Resolving dependencies...

Gem                    Current  Latest  Requested    Groups
activesupport          6.1.7.8  7.2.1   >= 4.2, < 7  development
gc_ruboconfig          3.6.2    5.0.2   ~> 3.6       development
rspec_junit_formatter  0.4.1    0.6.0   ~> 0.4.1     development

My apologies @sgerrand, this got lost among a bunch of other things. I'll get this PR all fixed up and push to get it reviewed this week if I can :)

Thanks for the reminder!

@Tabby Tabby force-pushed the dependabot/add-v2-config-file branch from 0befb4f to 7630b29 Compare September 24, 2024 11:33
@Tabby Tabby force-pushed the dependabot/add-v2-config-file branch from 7630b29 to 7e75d2c Compare September 24, 2024 12:55
@Tabby
Add dependabot automerge workflow
53a4595 
This will ensure that minor/patch version changes will be automatically
merged, reducing the effort required to keep dependencies up to date
@Tabby
Copy link
Contributor

Tabby commented Sep 24, 2024

Merging this without review as outdated dependencies have potential security implications

@Tabby Tabby merged commit 32d4506 into master Sep 24, 2024
2 checks passed
@Tabby Tabby deleted the dependabot/add-v2-config-file branch September 24, 2024 13:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sgerrand @Tabby