As the dependabot updates are set up to not create PR's for major version updates (question as to whether this would be useful or not? generally a major version bump would require more than just quickly accepting a dependabot PR merge, but as with all things, that is totally dependent on the library, some do major breaking updates on patch versions, some do insignificant updates on major versions 🤷 ), can't rely on dependabot to inform about being behind on major versions.
So this is a list of dependencies in this repo that are behind as of creation of this issue
esune
commented
4 months ago
As the dependabot updates are set up to not create PR's for major version updates (question as to whether this would be useful or not? generally a major version bump would require more than just quickly accepting a dependabot PR merge, but as with all things, that is totally dependent on the library, some do major breaking updates on patch versions, some do insignificant updates on major versions 🤷 ), can't rely on dependabot to inform about being behind on major versions.
So this is a list of dependencies in this repo that are behind as of creation of this issue
charset-normalizer anyio==3.5.0 https://pypi.org/project/anyio/ certifi==2023.11.17 https://pypi.org/project/certifi/ greenlet==1.1.2 https://pypi.org/project/greenlet/ python-dotenv==0.19.2 https://pypi.org/project/python-dotenv/ SQLAlchemy==1.4.27 https://pypi.org/project/SQLAlchemy/ urllib3==1.26.18 https://pypi.org/project/urllib3/