Configure dependabot to only observe version catalog file

wordpress-mobile / WordPress-Android

WordPress for Android

http://android.wordpress.org

GNU General Public License v2.0

2.99k stars 1.33k forks source link

Configure dependabot to only observe version catalog file #21349

Closed wzieba closed 1 month ago

wzieba commented 1 month ago

Description

The recent FluxC merge caused Dependabot to create PRs for merged submodules, particularly login module.

To reduce unnecessary noise as we'll be moving to version catalogs for login module as well, let's configure Dependabot to check for dependencies only in version catalog file. Relevant comment: https://github.com/wordpress-mobile/WordPress-Android/pull/21337#issuecomment-2434543581

dangermattic commented 1 month ago

	1 Message
:book:	This PR is still a Draft: some checks will be skipped.

Generated by :no_entry_sign: Danger

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

wpmobilebot commented 1 month ago

📲 You can test the changes from this Pull Request in Jetpack by scanning the QR code below to install the corresponding build.

	App Name	Jetpack
	Flavor	Jalapeno
	Build Type	Debug
	Version	pr21349-357aba1
	Commit	357aba1fa3227520fe9f6c79cb364cd27f841314
	Direct Download	`jetpack-prototype-build-pr21349-357aba1.apk`

Note: Google Login is not supported on these builds.

wpmobilebot commented 1 month ago

📲 You can test the changes from this Pull Request in WordPress by scanning the QR code below to install the corresponding build.

	App Name	WordPress
	Flavor	Jalapeno
	Build Type	Debug
	Version	pr21349-357aba1
	Commit	357aba1fa3227520fe9f6c79cb364cd27f841314
	Direct Download	`wordpress-prototype-build-pr21349-357aba1.apk`

Note: Google Login is not supported on these builds.

nbradbury commented 1 month ago

@wzieba I'll leave it to @ParaskP7 to review this as he's more well-versed with dependabot. I do have a couple of open dependabot PRs that don't target the version catalog. I'm assuming I should simply close these?

wzieba commented 1 month ago

Gotcha @nbradbury !

I do have a couple of open dependabot PRs that don't target the version catalog. I'm assuming I should simply close these?

I think we can leave it as it is for now - after merging this PR, I suppose they'll be automatically closed 👍