Conversation
| watch = "0.2.3" | ||
| workerpool = "1.2.0" | ||
| xvii = "0.4.1" | ||
| z3 = "0.11.1" |
There was a problem hiding this comment.
The actual latest version here is 0.11.2, I downgraded it as a sanity check. If this PR is merged, dependabot should open a PR bumping this version.
| - all: | ||
| patterns: | ||
| - "*" | ||
| versioning-strategy: 'increase' |
There was a problem hiding this comment.
/local-registry is likely going to be detected as a library by dependabot, in which case it doesn't update as aggressively as for applications. This forces the most eager update strategy.
| schedule: | ||
| interval: 'weekly' | ||
| groups: | ||
| - all: | ||
| patterns: | ||
| - "*" |
There was a problem hiding this comment.
This should reduce the noise, maximum 1 PR per week. I see no reason to update separate crate versions in individual PRs.
|
@dhovart thanks for doing most of the work here a while back, feel free to chime in 🙂 |
Thanks for taking care of this! And continuing where I left. |
3 participants
closes #37
This is picking up where #40 left off, essentially replacing the script & github action to update the dependencies with a dependabot config.
I've never made a dependabot config, so this is just what I think should work based on reading these docs.