-
Notifications
You must be signed in to change notification settings - Fork 920
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@dependabot recreate
should incorporate config changes in dependabot.yml
that happened after the original PR was created
#2529
Comments
Yes, mostly, I think. It looks like we would need to configure a prefix with our usual pattern and some Jira ticket/issue, and remember to update the prefix with a new Jira ticket/issue each time we publish a release and start work on the next one. Thanks! |
You're welcome! Since the prefix would need to be configured before the commit message is initially written, you'd need to maintain it in your dependabot.yml file and change it when you switch milestones (maybe using a github action that runs on a The only other option I can think of would be to write a github action that runs each time a PR is created by dependabot and calls |
@mwaddell Hi .I got this working in unicode-org/cldr#1895 for CLDR (one of the projects mentioned above). However, it seems that we now get dependency updates (which is great), but
We haven't had any new security PRs come in from dependabot, so maybe those will be OK when they come? Let me know if you have any advice, thanks. |
@srl295 Yes, this is a known issue (#4652) - Neither |
Many thanks @mwaddell for chiming in here. I'm going to close because:
|
What's not addressed yet (though we are glad to have dependabot!) is a way to handle that change of targetted ticket and thus commit message, around release time. I think the reason I thought |
Yeah, that request makes sense--essentially you're looking for a "dependabot, please force rebuild the PR using my latest dependabot.yml config, even if the actual package version that's getting pulled didn't change". That's certainly the more intuitive behavior for how I'd expect a Given it doesn't work that way internally today, I'm going to reopen. To set expectations, this probably will be lower priority for a while compared to some of the other stuff we're working on that affects more folks. |
@dependabot recreate
should incorporate config changes in dependabot.yml
that happened after the original PR was created
In some of the unicode-org projects and repos (CLDR & ICU) we require commit messages to start with a specific type of text (project plus Jira ticket number, for cross-linking Jira<->PR). For accepting dependabot changes it would be great if there was an action like
@dependabot message prefix my_custom_prefix
which usedgit commit --amend
to apply the prefix (and add a space between the prefix and the original message). It could be sticky per repo, for convenience. (We would change it to a different prefix / different Jira ticket number every so often.)For example, see CLDR & ICU commits:
The text was updated successfully, but these errors were encountered: