This adds the dependabot ls command which outputs the parsed dependencies, and then stops the containers:
$ dependabot ls go_modules dependabot/cli 2> /dev/null
[
{
"name": "github.com/MakeNowJust/heredoc",
"requirements": [
{
"file": "go.mod",
"groups": [],
"requirement": "v1.0.0",
"source": {
"source": "github.com/MakeNowJust/heredoc",
"type": "default"
}
}
],
"version": "1.0.0"
},
... (and so on for a while)
The reason this is labelled as a hack is the Dependabot Updater wants to continue with the update, but I have the CLI cancel the Context which terminates the Docker containers.
A more graceful solution would involve telling dependabot-core directly that we want to stop after the dependencies are gathered.
For now this works as a POC.
In the console command above, I've redirected stderr to /dev/null as by default the Dependabot CLI outputs logs to stderr.
This adds the
dependabot lscommand which outputs the parsed dependencies, and then stops the containers:The reason this is labelled as a hack is the Dependabot Updater wants to continue with the update, but I have the CLI cancel the Context which terminates the Docker containers.
A more graceful solution would involve telling dependabot-core directly that we want to stop after the dependencies are gathered.
For now this works as a POC.
In the console command above, I've redirected stderr to /dev/null as by default the Dependabot CLI outputs logs to stderr.