Open jameswilddev opened 5 years ago
I've heard good things about dependabot. I don't think it matters about which we use as long as they work the same.
There's indeed a lot of great tools for this. One I've seen a lot of projects use is Greenkeeper, but it seemed... unreliable when I tested it on my own projects.
There's some outdated dependencies here; it can be quite a chore to keep on top of these. I've used Renovate in the past which is free for open-source repositories to automatically raise pull requests when dependencies release new versions (which triggers a CI build to ensure compatability) including their changelogs for review.
I've got this enabled on my fork, which you can see here for a preview of what this might look like.