Support Ignoring Specific Versions #375
Comments
|
I don't think a .dependabot/config.yml is supported, unfortunately. We've tried that but it didn't work. |
|
No plans for supporting |
|
If I had a clue about Ruby I probably would, unfortunately, I'm not a massive Ruby fan so wouldn't know where to begin. I hope someone can find the time to implement this. |
|
@greysteil I'm on github enterprise at the moment and might not have access to the official dependabot goodness for some time. If I can free up some bandwidth for a PR, is there any preference as far as yaml format? Also, given other features here might also want to leverage a config.yml, does the dependabot team have any asks regarding implementation? |
|
I'd go for compatibility with the format the main application uses - docs for that are at https://dependabot.com/docs/config-file/. Maybe start with just the bits you need and leave it to others to extend further |
I am running dependabot-script against https://mvnrepository.com/artifact/org.springframework.cloud/spring-cloud-stream-dependencies . The problem I am running into is that this repository began being versioned like this:
Then transitioned to being versioned like this:
Consequently, the dependabot-script ends up thinking that I should update from Fishtown.SR2 (released March 2019) to 1.0.3 (released September 2016) which is incorrect.
I was wondering if there was any current or planned way to pass a list of ignored versions to dependabot-script so we could clean up this confusion manually.
The text was updated successfully, but these errors were encountered: