Closed AlCalzone closed 4 years ago
Thank you! this is amazing 🙏 I'll read through and review through the week.
in the meantime, could you please add some tests to cover all scenarios added here?
I'll see what I can do
I think I got it all now :)
thank you for getting this done it's been a busy week for me but I'll carve out sometime this weekend to get this f merged
this is amazingly thorough, thank you for putting in the effort and sorry for taking longer to get back to it.
I left some comments & suggestions, and a couple of questions, no show stoppers from merging, so please let me know if you are willing & have the time for some of the suggested tweaks / optimization ... otherwise I will take that on.
All your comments should be addressed now :)
:tada: This PR is included in version 2.0.0 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
thank you for all the effort to get this done @AlCalzone 👏 👏 👏
No problem, but I fear we need to do another round: With this config https://github.com/AlCalzone/node-zwave-js/blob/master/.github/workflows/dependabot-automerge.yml https://github.com/AlCalzone/node-zwave-js/blob/master/.github/auto-merge.yml this PR https://github.com/AlCalzone/node-zwave-js/pull/953 yielded this log:
using workflow's "target":
- match:
dependency_type: all
update_type: 'semver:patch'
title: "build(deps-dev): bump jest-circus from 26.4.1 to 26.4.2"
depName: jest-circus
from: 26.4.1
to: 26.4.2
dependency type: development
security critical: false
manual merging required
I would have expected the following:
With this PR, the action now tries to determine whether a dependency is a production or development dependency and checks whether the update is security critical.
More fine-grained merge options are now available through
.github/auto-merge.yml
, which is based on theautomerged_updates
key of the original dependabot config. If both a target and this file are given, the config file is preferred.fixes: #7