This attempts to fix our dependabot issue but I am not sure what the best way to test this is other than committing it and seeing what happens.
Problem (as I understand it, may be incorrect): Dependabot wants to update deps in src.gen/, but this is managed separately and can cause things to break. There is no exclude dirs option in dependabot. So, we limit the dependabot to packages/core only which doesn't paint the full picture of all of our dependencies AND since this is a monorepo where the package-lock.json lives in the root, it cannot be updated. This effectively bricks dependabot and makes the PRs nothing more than a reminder.
Solution: Use this 'workaround' to exclude a directory so that dependabot can update the deps of all of our subprojects and the root directory without touching src.gen/.
Hack from: https://github.com/dependabot/dependabot-core/issues/4364
This attempts to fix our dependabot issue but I am not sure what the best way to test this is other than committing it and seeing what happens.
Problem (as I understand it, may be incorrect): Dependabot wants to update deps in src.gen/, but this is managed separately and can cause things to break. There is no exclude dirs option in dependabot. So, we limit the dependabot to packages/core only which doesn't paint the full picture of all of our dependencies AND since this is a monorepo where the package-lock.json lives in the root, it cannot be updated. This effectively bricks dependabot and makes the PRs nothing more than a reminder.
Solution: Use this 'workaround' to exclude a directory so that dependabot can update the deps of all of our subprojects and the root directory without touching src.gen/. Hack from: https://github.com/dependabot/dependabot-core/issues/4364
MAY have to follow up with removing
versioning-strategy: 'increase', (added because of https://github.com/dependabot/dependabot-core/issues/4993)License: I confirm that my contribution is made under the terms of the Apache 2.0 license.