Closed mikeee closed 3 months ago
manojks1999
commented
5 months ago Dependabot should run on the dapr-bot go package at
.github/workflows/dapr-bothttps://github.com/dapr/go-sdk/blob/main/.github%2Fdependabot.yml
Hi @mikeee , Can you explain briefly on this issue.
mikeee
commented
5 months ago Hey, the dependabot manifest should be updated so that the dapr-bot dependencies are kept up-to-date/managed by dependabot.
The dependabot.yml manifest currently shows how the main go-sdk go.mod
is kept up to date and should have a similar implementation.
Let me know if you have any other questions! 🙂
On Thu, 7 Mar 2024, 04:41 manojks1999, @.***> wrote:
Dependabot should run on the dapr-bot go package at .github/workflows/dapr-bot https://github.com/dapr/go-sdk/blob/main/.github%2Fdependabot.yml
Hi @mikeee https://github.com/mikeee , Can you explain briefly on this issue.
— Reply to this email directly, view it on GitHub https://github.com/dapr/go-sdk/issues/523#issuecomment-1982335179, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEWZQBXJNVYPZV47S5ED7ZLYW7VWTAVCNFSM6AAAAABEHPVQ3KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBSGMZTKMJXHE . You are receiving this because you were mentioned.Message ID: @.***>
manojks1999
commented
5 months ago Hey, the dependabot manifest should be updated so that the dapr-bot dependencies are kept up-to-date/managed by dependabot. The
dependabot.ymlmanifest currently shows how the main go-sdkgo.modis kept up to date and should have a similar implementation. Let me know if you have any other questions! 🙂 … On Thu, 7 Mar 2024, 04:41 manojks1999, @.> wrote: Dependabot should run on the dapr-bot go package at .github/workflows/dapr-bot https://github.com/dapr/go-sdk/blob/main/.github%2Fdependabot.yml Hi @mikeee https://github.com/mikeee , Can you explain briefly on this issue. — Reply to this email directly, view it on GitHub <#523 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEWZQBXJNVYPZV47S5ED7ZLYW7VWTAVCNFSM6AAAAABEHPVQ3KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBSGMZTKMJXHE . You are receiving this because you were mentioned.Message ID: @.>
Okay, You mean we just need to update the configuration of the dependencies management YAML file to roughly like below.
version: 2
updates:
- package-ecosystem: "gomod"
directory: "/"
schedule:
interval: "daily"
- package-ecosystem: "gomod"
directory: "/.github/workflows/dapr-bot"
schedule:
interval: "daily"and is it is also a daily cron ?
mikeee
commented
5 months ago That's the target, daily runs should be fine - feel free to propose anything 👍
On Thu, 7 Mar 2024, 18:00 manojks1999, @.***> wrote:
Hey, the dependabot manifest should be updated so that the dapr-bot dependencies are kept up-to-date/managed by dependabot. The dependabot.yml manifest currently shows how the main go-sdk go.mod is kept up to date and should have a similar implementation. Let me know if you have any other questions! 🙂 … <#m6786535294309183429> On Thu, 7 Mar 2024, 04:41 manojks1999, @.> wrote: Dependabot should run on the dapr-bot go package at .github/workflows/dapr-bot https://github.com/dapr/go-sdk/blob/main/.github%2Fdependabot.yml https://github.com/dapr/go-sdk/blob/main/.github%2Fdependabot.yml Hi @mikeee https://github.com/mikeee https://github.com/mikeee https://github.com/mikeee , Can you explain briefly on this issue. — Reply to this email directly, view it on GitHub <#523 (comment) https://github.com/dapr/go-sdk/issues/523#issuecomment-1982335179>, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEWZQBXJNVYPZV47S5ED7ZLYW7VWTAVCNFSM6AAAAABEHPVQ3KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBSGMZTKMJXHE https://github.com/notifications/unsubscribe-auth/AEWZQBXJNVYPZV47S5ED7ZLYW7VWTAVCNFSM6AAAAABEHPVQ3KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBSGMZTKMJXHE . You are receiving this because you were mentioned.Message ID: @.>
Okay, You mean we just need to update the configuration of the dependencies management YAML file to roughly like below.
version: 2 updates:
- package-ecosystem: "gomod" directory: "/" schedule: interval: "daily"
- package-ecosystem: "gomod" directory: "/.github/workflows/dapr-bot" schedule: interval: "daily"
— Reply to this email directly, view it on GitHub https://github.com/dapr/go-sdk/issues/523#issuecomment-1984009429, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEWZQBXNRUYYH7JIMZMNG6DYXCMMHAVCNFSM6AAAAABEHPVQ3KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBUGAYDSNBSHE . You are receiving this because you were mentioned.Message ID: @.***>
manojks1999
commented
5 months ago Hi @mikeee ,
Created a PR pls have a look at it.
Thanks.
Dependabot should run on the dapr-bot go package at
.github/workflows/dapr-bothttps://github.com/dapr/go-sdk/blob/main/.github%2Fdependabot.yml