Closed atc0005 closed 2 years ago
atc0005
commented
4 years ago Example command/output:
$ go list -u -f '{{if (and (not (or .Main .Indirect)) .Update)}}{{.Path}}: {{.Version}} -> {{.Update.Version}}{{end}}' -m all 2> /dev/null
github.com/apex/log: v1.4.0 -> v1.6.0
github.com/atc0005/send2teams: v0.4.4 -> v0.4.5This is after jumping to an older tag where I knew there were dependency updates included in a later release.
atc0005
commented
4 years ago Example command/output:
$ go list -u -f '{{if (and (not (or .Main .Indirect)) .Update)}}{{.Path}}: {{.Version}} -> {{.Update.Version}}{{end}}' -m all 2> /dev/null github.com/apex/log: v1.4.0 -> v1.6.0 github.com/atc0005/send2teams: v0.4.4 -> v0.4.5This is after jumping to an older tag where I knew there were dependency updates included in a later release.
Note the exit code:
ubuntu@ubuntu-1804-test:~/Desktop/brick ((v0.3.0))$ go list -u -f '{{if (and (not (or .Main .Indirect)) .Update)}}{{.Path}}: {{.Version}} -> {{.Update.Version}}{{end}}' -m all 2> /dev/null
github.com/apex/log: v1.4.0 -> v1.7.0
github.com/atc0005/go-ezproxy: v0.1.3 -> v0.1.5
github.com/atc0005/send2teams: v0.4.4 -> v0.4.5
ubuntu@ubuntu-1804-test:~/Desktop/brick ((v0.3.0))$ echo $?
0We would need to look at the presence (or not) of text to determine whether an update is available.
atc0005
commented
3 years ago Dependabot is doing a pretty good job in most of the repos I am managing, but there are a few (e.g.,
atc0005/elbow) where it is utterly failing to work.
Not sure this is still worth pursuing. Dependabot is going a great job across repos I manage of identifying and offering PRs to update dependencies, so rolling my own crude implementation doesn't seem worth it (even as a CI check?).
Dependabot is doing a pretty good job in most of the repos I am managing, but there are a few (e.g.,
atc0005/elbow) where it is utterly failing to work.For now, it may be worth spinning off a daily job to look for available updates and fail when they're found.
See atc0005/notes#26 for details.