supercollider / supercollider.github.io

Website for SuperCollider
http://supercollider.github.io

Add dependabot #282

Closed capital-G closed 2 weeks ago

capital-G commented 3 months ago

Makes it easier to keep the dependencies of the website up to date and be aware when something breaks.

capital-G commented 2 weeks ago

@dyfer should we merge this? Seems you were fond of it regarding sc3-plugins^^

dyfer commented 2 weeks ago

Hm, I'd give it some time to see how it plays out on sc3-plugins. As I don't really follow github pages and jekyll environments, I don't know what the possible side effects could be. What do you think about that?

In particular, there's still the warning from pages build and deployment action (The github-pages gem can't satisfy your Gemfile's dependencies.). I'm guessing that dependabot is not meant to solve this, but the fact that we'd have dependencies needed by jekyll (or whatever it is that we're using) and possibly security updates coming in from the dependabot action makes me a bit uneasy. Mostly because I have no "big picture" understanding of the github pages system and I don't have mental space to really dive into it.

Thoughts?

capital-G commented 2 weeks ago

I also don't know much about jekyll/ruby etc. and its dependencies - on the other hand, as long as the website builds it is fine? We have a CI step which builds the website, so as long as this works any upgrades suggested by dependabot could be "checked" this way.

dyfer commented 2 weeks ago

Sounds good, let's try this! We can always remove it if it doesn't work as desired.