ci: Add dependabot for requirements#410
ci: Add dependabot for requirements#410georgebisbas wants to merge 1 commit intohw-native-sys:mainfrom
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a Dependabot configuration for automated dependency updates and adds a new CI requirements file. The review feedback correctly identifies that the Dependabot pip ecosystem configuration points to the root directory, which will miss the new requirements/ci.txt file located in the requirements subdirectory; a change to the directory path is recommended to ensure proper tracking.
.github/dependabot.yml
Outdated
| version: 2 | ||
| updates: | ||
| - package-ecosystem: "pip" | ||
| directory: "/" |
There was a problem hiding this comment.
The pip package-ecosystem is configured to look in the root directory (/), but the new requirements file requirements/ci.txt is located in the requirements subdirectory. To ensure Dependabot can find and update the dependencies in requirements/ci.txt, the directory should be set to /requirements.
Note that this change will cause Dependabot to stop scanning for dependencies in pyproject.toml at the root level. If you intend to update dependencies in both files, you will need to create a second, separate entry for the pip package-ecosystem with directory: "/".
directory: "/requirements"
ci: Add dependabot for requirements
georgebisbas
force-pushed
the
dependabot
branch
from
b7ddb9c to
361cb1a
Compare
1 participant
Add dependabot for handling future python releases on dependencies