Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
🔧 [dependabot] Reduce merge conflicts using the lockfile-only strategy
Dependabot updates version constraints in pyproject.toml even when the version constraint already covers the new version, leading to frequent merge conflicts because the global content hash in poetry.lock changes. As of #744, this project template no longer uses upper version bounds for its dependencies. As a result, we are now able to use the "lockfile-only" versioning strategy to upgrade dependencies, including major version bumps. This strategy prevents Dependabot from modifying pyproject.toml, putting an end to the frequent merge conflicts.
- Loading branch information