Disable automated dependency bumps for the Nightly Release pipeline

[DeeDeeG]

Requirements for Adding, Changing, or Removing a Feature (from template)

Requirements for Adding, Changing, or Removing a Feature

• Fill out the template below. Any pull request that does not include enough information to be reviewed in a timely manner may be closed at the maintainers' discretion.
• The pull request must contribute a change that has been endorsed by the maintainer team. See details in the template below.
• The pull request must update the test suite to exercise the updated functionality. For guidance, please see https://flight-manual.atom.io/hacking-atom/sections/writing-specs/.
• After you create the pull request, all status checks must be pass before a maintainer reviews your contribution. For more details, please see https://github.com/atom/.github/tree/master/CONTRIBUTING.md#pull-requests.

Issue or RFC Endorsed by Atom's Maintainers

None.

Description of the Change

Disables automated dependency bumps in the Nightly Release pipeline config.

This is a feature implemented upstream: atom#20999

It opens a large number of Pull Requests that seem genuinely helpful to upstream, but which we are likely to have to ignore and/or close. We can re-enable this some time in the future if need be.

Allows us to run the Nightly Release pipeline without creating large numbers of dependency update PRs at this repo (or somehow accidentally at upstream).

Alternate Designs

Comment out with YAML # comments (?)

Maybe there is a way to do this in Azure DevOps UI instead? I'm not sure if you can, so I went with this, because it does disable the job.

Possible Drawbacks

None. I don't think we are interested in reviewing or merging these dependency bump PRs at this time.

Verification Process

CI run shows a "canceled" icon next to the "Bump Dependencies" job on the Nightly Release pipeline.

https://dev.azure.com/atomcommunity/atomcommunity/_build/results?buildId=124&view=results

Release Notes

N/A

[aminya]

I am a little skeptical about this. I prefer to get those pull requests here so we can try them! I actually installed the dependent bot. Once we get our releases running, I want to try bumping deps! LEss of an issue, but this PR also will cause some not much necessary conflict with upstream.

[DeeDeeG]

Alright!

Given my intent is to match CI to what we want it to do, and we want it to open those PRs... then this can be closed! Fine by me!

Useful for manual runs of the Nightly pipeline though when you want to debug code/the pipeline together... maybe this job should be set to not run if the reason for the run is "manual"? Just a thought.

https://docs.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&tabs=yaml#build-variables

Build.Reason

[aminya]

Thank you anyways.

[DeeDeeG]

See comment above. Might it make sense to disable this if the Buld.Reason is "manual" i.e. manually running this pipeline doesn't cause a bunch of PRs? Or... maybe we can handle it anyhow. I assume it doesn't open duplicate PRs, so after the first time the effect might not be so bad.