Problem Statement. .github/dependabot.yml is intentionally disabled (configured
with open-pull-requests-limit: 0). Many library upgrades are deferred.
Technical Context.
.github/dependabot.yml.
Expected Outcome. A new .github/dependabot.yml enables npm, cargo, pip, github-actions
ecosystems. Grouped weekly PRs (@dependabot squash).
Acceptance Criteria.
- PRs are auto-titled per ecosystem.
- A
renovate.json mirror exists for those who prefer Renovate.
Files or modules likely to be affected.
.github/dependabot.yml,
new .github/renovate.json (alternative).
Difficulty. Easy
Estimated effort. S
Backlog item #94 from `docs/maintainer-issue-backlog.md.
Problem Statement.
.github/dependabot.ymlis intentionally disabled (configuredwith
open-pull-requests-limit: 0). Many library upgrades are deferred.Technical Context.
.github/dependabot.yml.Expected Outcome. A new
.github/dependabot.ymlenables npm, cargo, pip, github-actionsecosystems. Grouped weekly PRs (
@dependabot squash).Acceptance Criteria.
renovate.jsonmirror exists for those who prefer Renovate.Files or modules likely to be affected.
.github/dependabot.yml,new
.github/renovate.json(alternative).Difficulty. Easy
Estimated effort. S
Backlog item #94 from `docs/maintainer-issue-backlog.md.