From a65d6fcad587fd371ec65ad3c996168b10482c42 Mon Sep 17 00:00:00 2001 From: Tetsuo Koyama Date: Fri, 30 Aug 2024 14:58:55 +0900 Subject: [PATCH 1/7] Create `dependabot.yml` to enable `Dependabot` --- .github/dependabot.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..1bfc0903 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,27 @@ +version: 2 +updates: + - package-ecosystem: "pip" + directory: "/" + insecure-external-code-execution: allow + schedule: + interval: "monthly" + open-pull-requests-limit: 100 + labels: + - "maintenance" + - "dependencies" + groups: + pip: + patterns: + - "*" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" + open-pull-requests-limit: 100 + labels: + - "maintenance" + - "dependencies" + groups: + actions: + patterns: + - "*" From 7082f1580db8d64c837f015757f5004a5bb585cd Mon Sep 17 00:00:00 2001 From: Tetsuo Koyama Date: Fri, 30 Aug 2024 15:01:14 +0900 Subject: [PATCH 2/7] Update dependabot.yml --- .github/dependabot.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1bfc0903..593600e0 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,8 +3,6 @@ updates: - package-ecosystem: "pip" directory: "/" insecure-external-code-execution: allow - schedule: - interval: "monthly" open-pull-requests-limit: 100 labels: - "maintenance" @@ -15,8 +13,6 @@ updates: - "*" - package-ecosystem: "github-actions" directory: "/" - schedule: - interval: "monthly" open-pull-requests-limit: 100 labels: - "maintenance" From 43c8d1afe392cdae213e1bc5906db75bd4f38f48 Mon Sep 17 00:00:00 2001 From: Tetsuo Koyama Date: Fri, 30 Aug 2024 15:02:12 +0900 Subject: [PATCH 3/7] Revert "Update dependabot.yml" This reverts commit 7da4c13be1a2b465ee2ad5aee1215679c65f99e9. --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 593600e0..1bfc0903 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,6 +3,8 @@ updates: - package-ecosystem: "pip" directory: "/" insecure-external-code-execution: allow + schedule: + interval: "monthly" open-pull-requests-limit: 100 labels: - "maintenance" @@ -13,6 +15,8 @@ updates: - "*" - package-ecosystem: "github-actions" directory: "/" + schedule: + interval: "monthly" open-pull-requests-limit: 100 labels: - "maintenance" From 5ae0cbdb2fd53565c543e249d47212bf7e72e336 Mon Sep 17 00:00:00 2001 From: Tetsuo Koyama Date: Fri, 30 Aug 2024 15:03:32 +0900 Subject: [PATCH 4/7] Update dependabot.yml --- .github/dependabot.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1bfc0903..f44b33ba 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,7 +4,7 @@ updates: directory: "/" insecure-external-code-execution: allow schedule: - interval: "monthly" + interval: "daily" open-pull-requests-limit: 100 labels: - "maintenance" @@ -16,7 +16,7 @@ updates: - package-ecosystem: "github-actions" directory: "/" schedule: - interval: "monthly" + interval: "daily" open-pull-requests-limit: 100 labels: - "maintenance" From c8a012601668e40c91f2b5465e221779c5cf6f14 Mon Sep 17 00:00:00 2001 From: Tetsuo Koyama Date: Sat, 31 Aug 2024 05:38:08 +0900 Subject: [PATCH 5/7] Update dependabot.yml --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f44b33ba..87dbac45 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -13,6 +13,8 @@ updates: pip: patterns: - "*" + commit-message: + prefix: "chore" - package-ecosystem: "github-actions" directory: "/" schedule: @@ -25,3 +27,5 @@ updates: actions: patterns: - "*" + commit-message: + prefix: "chore" From 279939cd2e4d6cdd6585d2bcff3b3245ccc9cacb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 3 Oct 2024 09:49:25 +0900 Subject: [PATCH 6/7] chore: bump pydata-sphinx-theme from 0.15.2 to 0.15.4 in the pip group (#414) Bumps the pip group with 1 update: [pydata-sphinx-theme](https://github.com/pydata/pydata-sphinx-theme). Updates `pydata-sphinx-theme` from 0.15.2 to 0.15.4 - [Release notes](https://github.com/pydata/pydata-sphinx-theme/releases) - [Changelog](https://github.com/pydata/pydata-sphinx-theme/blob/main/RELEASE.md) - [Commits](https://github.com/pydata/pydata-sphinx-theme/compare/v0.15.2...v0.15.4) --- updated-dependencies: - dependency-name: pydata-sphinx-theme dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 86610023..87bd1588 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -8,7 +8,7 @@ dynamic = [ "version" ] dependencies = [ - "pydata-sphinx-theme==0.15.2", + "pydata-sphinx-theme==0.15.4", "myst-nb", "sphinx", "sphinx-autobuild", From 246bee0015080c96b59efaa1c3dd05b2a2d0ea94 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 3 Oct 2024 09:52:26 +0900 Subject: [PATCH 7/7] chore: bump the actions group with 2 updates (#413) Bumps the actions group with 2 updates: [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) and [actions/add-to-project](https://github.com/actions/add-to-project). Updates `peaceiris/actions-gh-pages` from 3.8.0 to 4.0.0 - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](https://github.com/peaceiris/actions-gh-pages/compare/v3.8.0...v4.0.0) Updates `actions/add-to-project` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](https://github.com/actions/add-to-project/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: peaceiris/actions-gh-pages dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build-book.yml | 2 +- .github/workflows/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-book.yml b/.github/workflows/build-book.yml index e978b3c8..b8dcb7f2 100644 --- a/.github/workflows/build-book.yml +++ b/.github/workflows/build-book.yml @@ -56,7 +56,7 @@ jobs: - name: Push to GitHub Pages # Only push if on main branch if: github.ref == 'refs/heads/main' - uses: peaceiris/actions-gh-pages@v3.8.0 + uses: peaceiris/actions-gh-pages@v4.0.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ./_build/html diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index aca8ff87..ff60b7bd 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Add issue to project id: add-to-project - uses: actions/add-to-project@v1.0.1 + uses: actions/add-to-project@v1.0.2 with: project-url: https://github.com/orgs/pyOpenSci/projects/3 # This is a organization level token so it can be used across all repos in our org