search

frequenz-floss / frequenz-repo-config-python

Frequenz repository setup tools and common configuration for Python
https://frequenz-floss.github.io/frequenz-repo-config-python/
MIT License
4 stars 7 forks source link

Replace the `.gitmodules` template with another way to specify submodules #147

Open llucax opened 1 year ago

llucax commented 1 year ago

What's needed?

GitHub has a bug that makes dependabot fail to create pull requests when there is a .gitmodules file (anywhere) in the repository that can't be parsed. As we are using .gitmodules file in the cookiecutter templates, this means this repo is not receiving any dependabot updates.

Proposed solution

Use a toml file to list the submodules that should be added for the projects instead. We are already doing a lot of post-processing to handle the submodules anyway:

https://github.com/frequenz-floss/frequenz-repo-config-python/blob/330bb2d5803e4ef96e8108e72d5d763137a6a913/cookiecutter/hooks/post_gen_project.py#L217-L317

Use cases

No response

Alternatives and workarounds

Use another tool to get dependency updates, like renovate.

Additional context

Here are the relevant parts of my conversation with GitHub support:

image

image

image

llucax commented 5 months ago

Oh, it looks like GitHub/dependabot finally got their sh*t right: