Closed johanhelsing closed 9 months ago
You could change the dependabot PR cadence from weekly to monthly or longer.
Seems it's possible to group patch level updates into one PR, which i think is what i want: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
I'm starting to think that the dependabot PRs are not necessarily that helpful. They add quite a bit of noise to the list of PRs.
I think it's good to have separate PRs for the ones that update
Cargo.toml
files, like #363But for the ones that update
Cargo.lock
, I'd much rather have a singlechore: cargo update
commit taking all in one go. There are also crates that are updated that we don't get PRs for, so it seems a bit arbitrary.Not sure if this is possible to configure with dependabot or not, just airing my thoughs.