Removal of dependabot

[djaiss]

Dependabot creates a lot of noise in the commit logs.

Could we, instead, schedule a github action that would do a composer update and yarn every week, and commit this with a simple commit message, instead of 12 commits? @asbiin what do you think?

[asbiin]

I don't think that's recommended neither feasible.
Changing dependencies can lead to test fails, and diagnosis of fails would be very hard if multiple upgrade are mixed in a same commit/PR.
Example with these PR:

• chore(deps): bump laravel/framework from 8.15.0 to 8.16.1 #415 : I had to fix a value that has changed (obsolete)
• chore(deps-dev): bump phpunit/phpunit from 9.4.3 to 9.5.0 #428 : phpunit upgrade will require some adaptation
• chore(deps-dev): bump vimeo/psalm from 4.2.1 to 4.3.1 #429 : psalm upgrade advice new (relevant) fixes

I understand you see that as "noise", but on the other hand it guarantee the stability of the product. (you just have to made more commits yourself!)

[github-actions]

This issue has been automatically locked since there
has not been any recent activity after it was closed.
Please open a new issue for related bugs.