The github action to bump dependencies attempts to push changes to master but fails because master is a protected branch.
Potential Solutions:
Give github actions an administrator token
Make Github Actions create a PR (and maybe auto merge them)
Use dependabot (and maybe auto merge).
More on dependabot:
If it runs on our repos, it will monitor Pypi for updates to packages we require and (live?) create PRs for them. It pulls dependencies from:
requirements.txt
setup.py / .cfg
pyproject.toml but it doesn't seem to pick up our dependencies sadly.
The github action to bump dependencies attempts to push changes to
master
but fails because master is a protected branch.Potential Solutions:
More on dependabot: If it runs on our repos, it will monitor Pypi for updates to packages we require and (live?) create PRs for them. It pulls dependencies from:
I'm leaning towards options 2 or 3.