Skip to content

build(dependabot): ignore minor and patch github-actions updates #66

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Fdawgs merged 4 commits into from
Nov 17, 2021
Merged

build(dependabot): ignore minor and patch github-actions updates #66

Fdawgs merged 4 commits into from
Nov 17, 2021

Conversation

@Fdawgs
Copy link
Member

@Fdawgs Fdawgs commented Nov 16, 2021

Resolves issue raised in #65, adapted from example here.

Checklist

@Fdawgs
Copy link
Member Author

Fdawgs commented Nov 16, 2021
edited
Loading

Okay so GitHub's own actions follow this tag style for major releases, so specifying actions/setup-node@v2 will get the latest v2.*.* of that action.

fastify/github-action-merge-dependabot does not follow this and does not have a v2. If I drop that back to v2.0.0 then it will stay at that version, and not automatically use v2.5.0.

To accommodate for this, I can stop minor and patch updates for only Github's own actions in the actions/ namespace, and then increase the interval from daily to monthly so we still get fastify/github-action-merge-dependabot updates but at a less frequent pace.
Alternatively, fastify/github-action-merge-dependabot needs to be updated to follow GitHub Action's tagging process.

Thoughts @jsumners, @mcollina?

@jsumners
Copy link
Member

jsumners commented Nov 16, 2021

I really don't enjoy automatically updating the Actions's versions to begin with. So the fewer notifications from Dependabot about it, the better.

@Fdawgs Fdawgs mentioned this pull request Nov 16, 2021
Merged
1 task
@Fdawgs Fdawgs merged commit 5b75202 into fastify:master Nov 17, 2021
@Fdawgs Fdawgs deleted the build/dependabot branch November 17, 2021 09:37
@Fdawgs Fdawgs mentioned this pull request Nov 17, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsumners jsumners jsumners approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Fdawgs @jsumners