Re-evaluate whether we should bundle linters for native helpers into the code #6908
Open
1 task done
Labels
build 🛠
Relates to building and releasing Dependabot
core 🍏
Relates to the dependabot-core library itself
T: tech-debt ⚙️
Is there an existing issue for this?
Code improvement description
❓ We get regular bumps of the linters/static code analyzers used in native helpers like
eslint
,phpstan
, etc, and even though it's relatively trivial to bump them, it doesn't add much value to do that week after week. A few options I see:@dependabot rebase
the next one since we aren't as aggressive about rebasing anymoredependabot-
core... it's been helpful for this use case in an internal repo, for safety I only queue up one per ecosystem to avoid stepping on each other, but this would let us merge one-linter-per-ecosystem concurrently across multiple ecosystemsyamllint
(Runyamllint
on PR's #5572) and haven't gotten to it, this would let us pick that up for freeOne tricky bit is illustrated by #6830. Some linters will need to be run against a matrix of runtime versions.
Thoughts?
The text was updated successfully, but these errors were encountered: