You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We could use Dependabot to automatically update package versions of GitHub Actions and Python packages specified in the requirements.txt file. This would be particularly useful in addressing #550. A dependabot.yml configuration file needs to be placed in the repository.
The text was updated successfully, but these errors were encountered:
I've configured Dependabot to check weekly for updates to GitHub Actions and Python packages. I've merged all PRs opened by Dependabot apart from for pytest-cov (#576, need to keep pin <4.0.0) and pluggy (#582, removed direct dependence). There were a couple of problems getting the CI to run for the PRs opened by Dependabot, which I mention below for future reference.
GITHUB_TOKEN has read-only permissions by default. The coverage/coveralls check was not being updated, even though coveralls was running successfully. I added (13ed6af) permissions: write-all to the test job. This might be too permissive, as probably only checks: write is needed, but it was simpler to implement.
We could use Dependabot to automatically update package versions of GitHub Actions and Python packages specified in the
requirements.txt
file. This would be particularly useful in addressing #550. Adependabot.yml
configuration file needs to be placed in the repository.The text was updated successfully, but these errors were encountered: