nushell/.github/dependabot.yml

# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

# docs
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "weekly"
      # We release on Tuesdays and open dependabot PRs will rebase after the
      # version bump and thus consume unnecessary workers during release, thus
      # let's open new ones on Wednesday
      day: "wednesday"
    ignore:
      - dependency-name: "*"
        update-types: ["version-update:semver-patch"]
    groups:
      # Only update polars as a whole as there are many subcrates that need to
      # be updated at once. We explicitly depend on some of them, so batch their
      # updates to not take up dependabot PR slots with dysfunctional PRs
      polars:
        patterns:
          - "polars"
          - "polars-*"
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "wednesday"
experiment with dependabot and rust dependencies (#7716) # Description The PR is an experiment to see if we want to use dependabot to notify us and automatically update rust dependencies. # User-Facing Changes # Tests + Formatting Don't forget to add tests that cover your changes. Make sure you've run and fixed any issues with these commands: - `cargo fmt --all -- --check` to check standard code formatting (`cargo fmt --all` applies these changes) - `cargo clippy --workspace -- -D warnings -D clippy::unwrap_used -A clippy::needless_collect` to check that you're using the standard code style - `cargo test --workspace` to check that all tests pass # After Submitting If your PR had any user-facing changes, update [the documentation](https://github.com/nushell/nushell.github.io) after the PR is merged, if necessary. This will help us keep the docs up to date. 2023-01-11 23:30:34 +01:00			`# To get started with Dependabot version updates, you'll need to specify which`
			`# package ecosystems to update and where the package manifests are located.`
			`# Please see the documentation for all configuration options:`
			`# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates`

			`# docs`
			`# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file`
			`version: 2`
			`updates:`
			`- package-ecosystem: "cargo"`
			`directory: "/"`
			`schedule:`
			`interval: "weekly"`
Reschedule dependabot PR opening to Wednesday (#12082) We release on Tuesdays and open dependabot PRs will rebase after the version bump and thus consume unnecessary workers during release, thus let's open new ones on Wednesday 2024-03-06 23:08:35 +01:00			`# We release on Tuesdays and open dependabot PRs will rebase after the`
			`# version bump and thus consume unnecessary workers during release, thus`
			`# let's open new ones on Wednesday`
			`day: "wednesday"`
experiment with dependabot and rust dependencies (#7716) # Description The PR is an experiment to see if we want to use dependabot to notify us and automatically update rust dependencies. # User-Facing Changes # Tests + Formatting Don't forget to add tests that cover your changes. Make sure you've run and fixed any issues with these commands: - `cargo fmt --all -- --check` to check standard code formatting (`cargo fmt --all` applies these changes) - `cargo clippy --workspace -- -D warnings -D clippy::unwrap_used -A clippy::needless_collect` to check that you're using the standard code style - `cargo test --workspace` to check that all tests pass # After Submitting If your PR had any user-facing changes, update [the documentation](https://github.com/nushell/nushell.github.io) after the PR is merged, if necessary. This will help us keep the docs up to date. 2023-01-11 23:30:34 +01:00			`ignore:`
			`- dependency-name: "*"`
			`update-types: ["version-update:semver-patch"]`
Group `polars` crate updates in dependabot (#13084) We depend on `polars` and some of its subcrates explicitly. This leads to the unfortunate situtation that we have dependabot opening PRs that are not compiling, independent of whether there are breaking changes we need to account for. By introducing a [dependabot group](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates#grouping-dependabot-updates-into-one-pull-request) for `polars` we can at least limit that failure mode. 2024-06-07 01:33:21 +02:00			`groups:`
			`# Only update polars as a whole as there are many subcrates that need to`
			`# be updated at once. We explicitly depend on some of them, so batch their`
			`# updates to not take up dependabot PR slots with dysfunctional PRs`
			`polars:`
			`patterns:`
			`- "polars"`
			`- "polars-*"`
experiment with dependabot and rust dependencies (#7716) # Description The PR is an experiment to see if we want to use dependabot to notify us and automatically update rust dependencies. # User-Facing Changes # Tests + Formatting Don't forget to add tests that cover your changes. Make sure you've run and fixed any issues with these commands: - `cargo fmt --all -- --check` to check standard code formatting (`cargo fmt --all` applies these changes) - `cargo clippy --workspace -- -D warnings -D clippy::unwrap_used -A clippy::needless_collect` to check that you're using the standard code style - `cargo test --workspace` to check that all tests pass # After Submitting If your PR had any user-facing changes, update [the documentation](https://github.com/nushell/nushell.github.io) after the PR is merged, if necessary. This will help us keep the docs up to date. 2023-01-11 23:30:34 +01:00			`- package-ecosystem: "github-actions"`
			`directory: "/"`
			`schedule:`
			`interval: "weekly"`
Reschedule dependabot PR opening to Wednesday (#12082) We release on Tuesdays and open dependabot PRs will rebase after the version bump and thus consume unnecessary workers during release, thus let's open new ones on Wednesday 2024-03-06 23:08:35 +01:00			`day: "wednesday"`