Closed Bug 1607327 Opened 5 years ago Closed 5 years ago

switch to dependabot (ichnaea)

Categories

(Location :: General, task, P1)

Product:
Location
Component:
General
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: willkg, Assigned: willkg)

Details

Attachments

(1 file)

pr 1022: bug 1607327: switch to dependabot
44 bytes, text/x-github-pull-request
Details | Review

Seems like pyup is dead. There are several options to switch to, one of which is dependabot. dependabot seems fine except that it doesn't do batch updates, so it'll create one PR per library that needs updating.

There's an issue for implementing batch updates, so I think that'll happen eventually.

In the meantime, having that even without the batch updates is significantly better than having pyup do nothing and having to assemble it by hand.

I think I have access to add this to Ichnaea. Grabbing this to do now.

I'll set it up similarly to how we set up pyup.

Assignee: nobody → willkg
Status: NEW → ASSIGNED

I added ichnaea to dependabot and now the PRs are flowing in. OMG.

The next step is to shut off pyup. I don't know how to do that offhand. I did remove the config file, but if pyup ever starts working again, it'll switch to the default configuration for the org. That would be unenthusing.

Ichnaea is on dependabot and got a slew of PRs.

Ichnaea is no longer in pyup (thank you, Greg!).

We're done here.

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED

Oh, whoops--it's not removed from pyup, yet. I'm re-opening.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Summary: switch to dependabot → switch to dependabot (ichnaea)

Ichnaea is now removed from pyup. We're all done here.

Status: REOPENED → RESOLVED
Closed: 5 years ago5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: