chore(.github): dependabot group for all GH actions #1628
Conversation
|
Some limitations to note for reviewers: source
|
|
If a change to dependabot.yaml breaks something, how will we observe this? |
There was a problem hiding this comment.
Seems really useful! Do you see this including the user profile Actions/workflows as well? Essentially us trying to get all related tests/workflows running from the same .yml file and CI build?
As is I have a different .yml file for each action and script to be super sure during testing, but I can look into combining them all under this. All 3 use checkout@v2 so far through a Ubuntu actions/setup-python@v4 setup, sounds like the latter part could be an issue.
I tried looking up on the internet how we could solve this, and laughed out loud reading this SO answer:
The action mentioned seems to be fixed. I made a PR to add it: #1642. |
Kind of unrelated here. This just tells dependabot to be less annoying and batch all PRs to update GH actions into one.
Nah, that's unnecessary. Specifying different jobs, even if they have to re-do the same thing, is good because it allows the jobs to be easily parallelised by the runners. |
Continuing the work in gnolang#1553, this adds a dependabot group to update all GH actions together.
following [this comment](#1628 (comment)) from @kristovatlas This action seems to only validate the JSON schema. For full validation, it's on GitHub to provide this -- tracked in this issue: dependabot/dependabot-core#4605
following [this comment](gnolang#1628 (comment)) from @kristovatlas This action seems to only validate the JSON schema. For full validation, it's on GitHub to provide this -- tracked in this issue: dependabot/dependabot-core#4605
Continuing the work in #1553, this adds a dependabot group to update all GH actions together.