mirror of
https://github.com/nushell/nushell.git
synced 2024-11-08 01:24:38 +01:00
460df0e99a
We depend on `polars` and some of its subcrates explicitly. This leads to the unfortunate situtation that we have dependabot opening PRs that are not compiling, independent of whether there are breaking changes we need to account for. By introducing a [dependabot group](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates#grouping-dependabot-updates-into-one-pull-request) for `polars` we can at least limit that failure mode.
34 lines
1.3 KiB
YAML
34 lines
1.3 KiB
YAML
# To get started with Dependabot version updates, you'll need to specify which
|
|
# package ecosystems to update and where the package manifests are located.
|
|
# Please see the documentation for all configuration options:
|
|
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
|
|
|
# docs
|
|
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
|
|
version: 2
|
|
updates:
|
|
- package-ecosystem: "cargo"
|
|
directory: "/"
|
|
schedule:
|
|
interval: "weekly"
|
|
# We release on Tuesdays and open dependabot PRs will rebase after the
|
|
# version bump and thus consume unnecessary workers during release, thus
|
|
# let's open new ones on Wednesday
|
|
day: "wednesday"
|
|
ignore:
|
|
- dependency-name: "*"
|
|
update-types: ["version-update:semver-patch"]
|
|
groups:
|
|
# Only update polars as a whole as there are many subcrates that need to
|
|
# be updated at once. We explicitly depend on some of them, so batch their
|
|
# updates to not take up dependabot PR slots with dysfunctional PRs
|
|
polars:
|
|
patterns:
|
|
- "polars"
|
|
- "polars-*"
|
|
- package-ecosystem: "github-actions"
|
|
directory: "/"
|
|
schedule:
|
|
interval: "weekly"
|
|
day: "wednesday"
|