Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding Dependabot #326

Open
Mariatta opened this issue May 26, 2019 · 12 comments

Comments

Projects
None yet
5 participants
@Mariatta
Copy link
Member

commented May 26, 2019

I'd like to add dependabot to our projects.

  • miss-islington
  • bedevere
  • the-knights-who-say-ni
  • blurb-it
  • pythondotorg

Example PR by dependabot: python/miss-islington#232

  • Add dependabot-preview[bot] to the list of trusted users in our Heroku instance of the-knights-who-say-ni

Uninstall pyup-io:

  • miss-islington
  • bedevere
  • the-knights-who-say-ni
  • blurb-it
  • pythondotorg
@brettcannon

This comment has been minimized.

Copy link
Member

commented May 27, 2019

SGTM

@webknjaz

This comment has been minimized.

Copy link
Contributor

commented May 27, 2019

FTR GitHub has acquired Dependabot and they are integrating things into GitHub itself.

@Mariatta

This comment has been minimized.

Copy link
Member Author

commented May 28, 2019

@encukou I'm having trouble removing pyup.io integration from miss-islington. When I logged in to
https://pyup.io/account/repos/github/python/miss-islington/, it says that the integration was added by you, so I couldn't remove it.

Screen Shot 2019-05-27 at 7 25 12 PM

Can you remove pyup.io integration for python/miss-islington?

Thanks

@Mariatta

This comment has been minimized.

Copy link
Member Author

commented May 28, 2019

Strange, it is the same problem for blurb-it 🤔

Screen Shot 2019-05-27 at 7 34 24 PM

@encukou

This comment has been minimized.

Copy link
Member

commented May 28, 2019

Hmmm. I don't remember doing that, but here we are :)
I've removed pyup.io integration from miss-islington and blurb-it.
The integration is also set up for core-workflow (added by me), bedevere and the-knights-who-say-ni (both added by @brettcannon).
Should I remove pyup.io from core-workflow as well?

@Mariatta

This comment has been minimized.

Copy link
Member Author

commented May 29, 2019

Thanks. Hmm technically pyup.io is useless in core-workflow, there is no requirements text or anything like that. Might as well remove it

@brettcannon

This comment has been minimized.

Copy link
Member

commented May 30, 2019

If I need to remove anything just let me know.

@Mariatta

This comment has been minimized.

Copy link
Member Author

commented Jun 1, 2019

If I need to remove anything just let me know.

I've requested dependabot to be added to bedevere and the-knights-who-say-ni. I don't have the right permission to add it directly.
Once we've added dependabot to those repos, we can remove pyup.io

@Mariatta

This comment has been minimized.

Copy link
Member Author

commented Jun 3, 2019

Update: I requested automerge feature from dependabot (in closed beta), and it's been enabled for Python org. 🥳

@brettcannon

This comment has been minimized.

Copy link
Member

commented Jun 3, 2019

Yeah, turns out I don't have admin access anymore either.

@Mariatta

This comment has been minimized.

Copy link
Member Author

commented Jun 4, 2019

@ewdurbin can you look into installing dependabot to bedevere and the-knights-who-say-ni? Thanks.

@ewdurbin

This comment has been minimized.

Copy link
Member

commented Jun 6, 2019

@Mariatta I've reviewed and approved all pending installations for dependabot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.