Replies: 2 comments
-
@DaleOrders What do you think about this strategy? Might make it easier to maintain things during the initial build-out phase, since Dependabot will be pulling a lot of PR's if left on auto. And the challenge with that, is avoiding merge conflicts. I suppose we should also discuss a merge strategy with Dependabot too. Rebase Dependabot PR's to main? That is the current recommend practice at the moment. What is your experience with Dependabot PR's? I can discuss with my civic tech brigade what their current practice is with Dependabot PR's, since they have to manage a lot of merge's into the code base from Dependabot. |
Beta Was this translation helpful? Give feedback.
-
It looks like there is an option to limit the number of PRs by dependabot. How about using that? |
Beta Was this translation helpful? Give feedback.
-
I've been thinking about making an update to add a versioning strategy for the Dependabot. It would be "widen", which would be the equivalent of using ~ to prefix a version for a dependency in a package.json file. Thoughts?
Beta Was this translation helpful? Give feedback.
All reactions