Open rnorth opened 3 years ago
Draft observations from #4176:
nocombine
label to. We could improve this by:
nocombine
: the permissions model does not let a workflow modify another workflow, and this is probably for good reason. Having thought about it some more, I think this is better as a client-side utility script than a workflow: It seems that GHA workflows are not run against the PR
is pretty much a fatal blow, as it prevents us from being able to verify the combined PR actually passes checks.
I've just raised https://github.com/testcontainers/testcontainers-java/pull/4178 using an improved version of my script, which I think addresses the pain points identified above.
4135 explored a scripted approach (running client side) of combining multiple PRs into one.
The motivation is that the sheer volume of dependabot PRs creates a weekly multi-hour merge chore, as well as obscuring real PRs by real people - both of which are terrible.
https://github.com/dependabot/dependabot-core/issues/1190 looks like it won't happen any time soon.
https://www.hrvey.com/blog/combine-dependabot-prs looks very promising and I think we should give it a try instead of my previous script attempt. I'd like to verify:
build.gradle
files, which may or may not be a nuisance.build.gradle
files - perhaps we could explore using this.