New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support sbt projects #352

Open
albuch opened this Issue Apr 18, 2018 · 5 comments

Comments

Projects
None yet
4 participants
@albuch

albuch commented Apr 18, 2018

Hey,
it would be awesome to support sbt dependencies and plugin dependencies as well.

https://www.scala-sbt.org/1.x/docs/Library-Dependencies.html
https://www.scala-sbt.org/1.x/docs/Using-Plugins.html

Multi-projects are supported in sbt as well and is a common use case so that should be considered as well: https://www.scala-sbt.org/1.x/docs/Multi-Project.html

@albuch albuch changed the title from Support sbt to Support sbt projects Apr 18, 2018

@greysteil

This comment has been minimized.

Member

greysteil commented Apr 18, 2018

Totally up for this. I've got some work to do getting Maven support out of beta first, but once that's done sbt support would be a great addition.

@tyrcho

This comment has been minimized.

tyrcho commented Sep 15, 2018

My company is working with scala, once support for Gitlab and sbt is there I'd be happy to become a paying customer of dependabot.

@greysteil

This comment has been minimized.

Member

greysteil commented Sep 15, 2018

Thanks @tyrcho. I'm still really keen on adding both - will keep you posted.

@tyrcho

This comment has been minimized.

tyrcho commented Oct 17, 2018

I ran into this sbt plugin which should help a lot !
https://github.com/rtimush/sbt-updates

You can append addSbtPlugin("com.timushev.sbt" % "sbt-updates" % "0.3.4") to the end of project/plugins.sbt (creating it if not present) and then run sbt dependencyUpdates and parse the output in stdout. It looks like that:

[info] Found 10 dependency updates for notification-impl
[info]   com.datadoghq:dd-java-agent:dd-java-agent            : 0.10.0           -> 0.16.0
[info]   com.lightbend.lagom:lagom-logback                    : 1.4.6  -> 1.4.8           
[info]   com.lightbend.lagom:lagom-reloadable-server:dev-mode : 1.4.6  -> 1.4.8           
[info]   com.lightbend.lagom:lagom-scaladsl-dev-mode          : 1.4.6  -> 1.4.8           
[info]   com.lightbend.lagom:lagom-scaladsl-server            : 1.4.6  -> 1.4.8          

Note that in multi-project build you will have duplicated lines.

Even partial support for sbt in dependabot would be great (ie creating the PR to notify the library has been updated). It will probably be impossible to cover all ways in which versions are defined in sbt since you can code in your build files.

@mark-dhl

This comment has been minimized.

mark-dhl commented Nov 3, 2018

A project by @fthomas already does this. Hope you could maybe setup some sort of collaboration !

https://github.com/fthomas/scala-steward

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment