You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently have Dependabot scheduled to run every Sunday. This results in numerous PRs that we frequently ignore, either because we don't have time to inspect them and don't trust the CI tests enough to merge them blindly, or that we don't want to litter the commit log with insignificant updates (we rarely make "real" changes so they would drown in all the Dependabot commits if we merge all of them).
We can reduce the frequency to e.g. every month or two. We'll still get patches for any security problems right away, and we always have the option of bumping dependencies by hand if there's anything in particular we want.
Additional Context
No response
Further links
No response
The text was updated successfully, but these errors were encountered:
Description
We currently have Dependabot scheduled to run every Sunday. This results in numerous PRs that we frequently ignore, either because we don't have time to inspect them and don't trust the CI tests enough to merge them blindly, or that we don't want to litter the commit log with insignificant updates (we rarely make "real" changes so they would drown in all the Dependabot commits if we merge all of them).
We can reduce the frequency to e.g. every month or two. We'll still get patches for any security problems right away, and we always have the option of bumping dependencies by hand if there's anything in particular we want.
Additional Context
No response
Further links
No response
The text was updated successfully, but these errors were encountered: