dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License

New ecosystem: Leiningen #10715

Open colinphill-mdsol opened 3 weeks ago

colinphill-mdsol commented 3 weeks ago

Is there an existing issue for this?

Feature description

I would like to offer to develop and contribute support for Leiningen, a major build tool for Clojure, to dependabot-core.

Leiningen is closely related to Maven – it uses a similar declarative style and integrates with Maven artifact repositories – differing primarily in syntax. Most of the work is already done, therefore, by the Maven support already included in Dependabot, which can serve as a model for the new ecosystem. Leiningen has built-in tools for programmatically changing its dependency file, so the significant syntactic difference will not result in significant additional complexity.

There are 47.2k public projects using Leiningen, plus some unknown number of private projects (my company has a few dozen). This is a bit more than Hex's 30.3k public projects and not terribly far behind Gradle's 61.4k public projects, both of which are currently included as built-in ecosystems.

Leiningen is currently the poster child for extending Dependabot with custom scripts, being documented in CONTRIBUTING.md as an example to follow. However, the runner linked there is built on top of a fork which is over 9000 commits behind main. It was last updated back in 2020, before you revamped Dependabot's extensibility.

colinphill-mdsol commented 2 weeks ago

That automatic label doesn't seem quite correct.