Closed bdovaz closed 8 months ago
Updating dependencies is tedious and if you can have a tool to automate it, it is welcome.
About your concern about the commits history, it is something that has been relatively solved with the grouping of updates (it is already in the stable version):
https://github.blog/changelog/2023-06-30-grouped-version-updates-for-dependabot-public-beta/
Besides, you can configure the schedule so that it is not daily and can be monthly for example so that it does not flood the history daily with commits of dependabot.
Updating dependencies is tedious and if you can have a tool to automate it, it is welcome.
No, it's not, you just have to use the right tools: https://github.com/sboulema/NuGetMonitor/
Updating dependencies is tedious and if you can have a tool to automate it, it is welcome.
No, it's not, you just have to use the right tools: https://github.com/sboulema/NuGetMonitor/
But I repeat again, you are mentioning a tool that you personally use for which you depend on VS as IDE and there are many more (VSCode, Rider, ...), I am talking about the general maintenance of an open source project (dependabot is the "native tool" provided by github) that should not depend on a person or his personal preferences regarding a tool.
It's my opinion but well what I said, tell me clearly if you don't want this PR to go anywhere and I'll close it.
Sorry if you've chosen an IDE with no good package management, but don't worry, you don't have to manage dependencies when you contribute, I will take care of this.
@bdovaz: since I saw you commenting on #579: https://github.com/sboulema/NuGetMonitor/ would be great candidate to migrate to some Multiplatform UI, so it could be used as plugin for other IDEs, too.
I'll only update dependencies when I'm actively working on a project, otherwise you will get an unusable history
e.g. try to figure out the last change related to a fix or feature here: https://github.com/Fody/Fody/commits/master