New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

disable dependabot? #54

Closed

yarikoptic opened this issue Sep 6, 2023 · 1 comment · Fixed by #57

Assignees

Member

yarikoptic commented Sep 6, 2023

We have requirements.txt for various notebooks.

dependabot sends multitude PRs: https://github.com/dandi/example-notebooks/pulls?q=is%3Apr+dependabot+
@bendichter merged some, some remain open
there is no guarantee that notebooks would work with more recent versions of dependencies
there is no guarantee that results would be reproducible with newer versions
there is no guarantee that new upgraded versions would be coinstallable and compatible with older versions of the others

with that in mind, I think we should just disable dependabot for this repo and close all those PRs unmerged

If there is no feedback/counter arguments, I will do that in a week

yarikoptic self-assigned this

yarikoptic mentioned this issue

Add dependabot.yml to explicitly disable pip updates #57

Merged

Member

bendichter commented Sep 21, 2023

Yes, I think that's fine. I thought it would be a quick thing but the PRs keep on coming

yarikoptic closed this as completed in #57

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment