Skip to content

To Dependabot or to not Dependant #131

@AlexanderKaran

Description

@AlexanderKaran

I recently set up Dependabot to auto-bump versions; however, this causes a few issues:

  • We want to track all major and minor versions. If three minor versions come out since Dependabot last ran, it skips to the latest and misses the other two. We need to track each version so we can compare metrics over time
  • We need to group each app and starter. I have sort of fixed this with some complex grouping in Dependabot

I did start out with a GitHub action and am leaning that way again for version bumping, but wanted people's thoughts. Maybe this is not actually an issue, just let it run every day and merge each version bump?

Anyway keen to hear thoughts, options and solutions.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions