Closed andyw8 closed 2 months ago
Should we instead add a constraint to the Gemfile? I assume the changes to make Rails compatible with it will soon land and then we will need to remember to remove the exclusion.
That's what we had but Dependabot still tries to bump it: https://github.com/Shopify/ruby-lsp-rails/pull/346
It might be possible if we switch the versioning strategy but then it could be confusing if this repo behaves differently from others.
It might be possible if we switch the versioning strategy but then it could be confusing if this repo behaves differently from others.
I think it's probably fair to ask dependabot to not bump any major version upgrades? It generally happens a lot less frequently so we don't get much out of this automation. And looking at our version constraint declarations in Gemfile, it's something we want to avoid too.
We don't auto-merge any major upgrades, which I think is fair so that someone has to understand what the major changes are. But we do want to keep dependencies up to date.
In my opinion, I wouldn't change the dependabot configuration. I'd just ignore the PR for sqlite until Rails supports it.
I'd just ignore the PR for sqlite until Rails supports it.
I know currently sqlite3 has its own PR, but how does dependabot decide whether to group it other bumps or not 🤔
In the configuration. We only group minor and patches.
Ok, let's wait and see how the v2 release activity is. There's only been two so far. If it's coming up weekly we can revisit. (We'll likely also run into this on Tapioca).
v2 of the sqlite3 gem is not compatible with Rails 7.1.