priyanshurohilla
commented
4 years ago Can i work on this?
Open Kajol-Kumari opened 4 years ago
priyanshurohilla
commented
4 years ago Can i work on this?
Kajol-Kumari
commented
4 years ago @priyanshurohilla It's good to see you are interested in taking up this issue. But all the issues with the label of open source hack will be assigned to the OSH participants starting from 1st of september on the basis of First come first serve basis so please wait patiently till 1st of september and till then you can set-up the repo. locally and get acquainted with the project functionalities and its codebase.
SanketDG
commented
4 years ago These needs to broken down into several issues, the first issue being successfully upgrading Django, because that itself would involve several code changes.
Just adding dependabot wouldn't help because the tests would fail on most of them.
Kajol-Kumari
commented
4 years ago These needs to broken down into several issues, the first issue being successfully upgrading Django, because that itself would involve several code changes.
Just adding dependabot wouldn't help because the tests would fail on most of them.
@SanketDG I agree but i had seen the Django upgrading issue mentioned in the doc so i didn't opened on my own. I will wait till 30th and if it's not get opened, i will open it up. Also we need to test the issues opened by dependent bot before merging to make sure that it don't break anything.
Kajol-Kumari
commented
4 years ago Hey Everybody, all who are interested in this issue. Please accept my apologies but according to the new guidelines we received, we will count First come first serve on the basis of comments/claims done 1st september onwards. So, everyone who are interested in this issue, do come again on 1st and comment first to get assigned.
Abjcodes
commented
4 years ago I would like to work on this issue as a part of OSH. Can you assign me this issue? Thank You.
Kajol-Kumari
commented
4 years ago Hey @Abjcodes as I have already assigned you one issue, can't assign you any issues till you open up a valid PR for the assigned one.
priyanshurohilla
commented
4 years ago I would like to work on this i am participating in osh
Kajol-Kumari
commented
4 years ago Hey @priyanshurohilla please go ahead with this issue. Happy Learning :)
Kajol-Kumari
commented
4 years ago @priyanshurohilla can you please provide an update on the work you have done for this issue.
priyanshurohilla
commented
4 years ago @Kajol-Kumari I have installed dependabot and it opened PR's on forked repository. So now, do i need to merge those PR's and then send a pull request here or anything else I need to do?
Kajol-Kumari
commented
4 years ago Okay so installed the dependent bot in your forked repo. I think you can't integrate it in the main repo as it will cause the permission issue. So please write a blog on the how you integrated it and paste the blog url under outreach-work.md/docs file( (If you can't find outreach-work.md/docs folder, create one) and open the PR for the same.
Description
Updating dependencies is a repetitive need. However, it is not feasible for a person to keep an eye on all updates on dependencies. As a result, the outdated dependencies keep piling up.
According to the requires.io report, most dependencies in vms are already outdated. I think the below mentioned approach will be a really efficient way to keep dependencies up-to-date and avoid having to make large version bumps in dependencies later on.
Mocks
Acceptance Criteria
Update [Required]
Dependabot is a great tool for this purpose. It automatically checks for updates in dependencies periodically in specified frequency (e.g. daily or weekly). Then it opens up PRs bumping those dependencies. We can verify that the updates are compatible by taking feedback from CI pipeline (Travis).
Definition of Done
Estimation
1.5 hours