Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🌱 configure dependabot to group (most) GitHub actions weekly #3655

Merged
merged 2 commits into from
Nov 10, 2023

Conversation

spencerschrock
Copy link
Member

What kind of change does this PR introduce?

dependabot config change

What is the current behavior?

  • GitHub actions are their own PR
  • Updates are sent daily

What is the new behavior (if this is a feature change)?**

  • updates are sent weekly

  • Most actions are grouped. Actions which influence the build/release process are excluded, so dependabot will send individual updates for those.

    • "actions/setup-go"
    • "arduino/setup-protoc"
    • "goreleaser/goreleaser-action"
  • Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)


actions which influence the build/release process are excluded.
dependabot will send individual updates for those.

Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock spencerschrock requested a review from a team as a code owner November 8, 2023 22:14
@spencerschrock spencerschrock requested review from justaugustus and laurentsimon and removed request for a team November 8, 2023 22:14
@spencerschrock
Copy link
Member Author

You can see an example of this in ossf/scorecard-action where it's already used:
ossf/scorecard-action#1286

Copy link

codecov bot commented Nov 8, 2023

Codecov Report

Merging #3655 (126df48) into main (b3d1a5a) will decrease coverage by 8.05%.
The diff coverage is n/a.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3655      +/-   ##
==========================================
- Coverage   76.06%   68.02%   -8.05%     
==========================================
  Files         206      206              
  Lines       14065    14065              
==========================================
- Hits        10699     9568    -1131     
- Misses       2733     3945    +1212     
+ Partials      633      552      -81     

@spencerschrock spencerschrock enabled auto-merge (squash) November 10, 2023 01:13
@spencerschrock spencerschrock merged commit 934f170 into ossf:main Nov 10, 2023
37 of 38 checks passed
@spencerschrock spencerschrock deleted the ci/group-action-updates branch November 10, 2023 01:22
diogoteles08 pushed a commit to diogoteles08/scorecard that referenced this pull request Nov 13, 2023
actions which influence the build/release process are excluded.
dependabot will send individual updates for those.

Signed-off-by: Spencer Schrock <[email protected]>
Signed-off-by: Diogo Teles Sant'Anna <[email protected]>
ashearin pushed a commit to kgangerlm/scorecard-gitlab that referenced this pull request Nov 13, 2023
actions which influence the build/release process are excluded.
dependabot will send individual updates for those.

Signed-off-by: Spencer Schrock <[email protected]>
Signed-off-by: Allen Shearin <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants