Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: grouped dependabot updates #264

Merged
merged 2 commits into from
Jul 11, 2024
Merged

chore: grouped dependabot updates #264

merged 2 commits into from
Jul 11, 2024

Conversation

kzantow
Copy link
Contributor

@kzantow kzantow commented Jul 8, 2024

This PR enables grouped dependabot updates

@kzantow
chore: grouped dependabot updates
73a08fd 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
wagoodman
wagoodman reviewed Jul 8, 2024
View reviewed changes
Copy link
Contributor

@wagoodman wagoodman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm down for grouping dep PRs -- should we group minor and patch into a single PR and keep major versions in a separate PR (since those have the likely hood of breaking things per semver)?

@kzantow
chore: only minor and patch grouped or go updates
2538a1a 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
@kzantow
Copy link
Contributor Author

kzantow commented Jul 8, 2024

@wagoodman I'm ok making more changes here, but for the time being I updated the go updates to exclude grouping the major version bumps but left this for action updates. Looking at our current pull requests, there are multiple major action bumps which are probably not causing problems, but 3 go updates to major and minor versions which do not pass all checks. Happy to make more changes here, just trying to reduce the noise as much as possible.

wagoodman
wagoodman approved these changes Jul 11, 2024
View reviewed changes
Copy link
Contributor

@wagoodman wagoodman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for thinking of this... there are a lot of dependabot PRs 😳

@wagoodman wagoodman merged commit 89215f4 into anchore:main Jul 11, 2024
7 checks passed
@wagoodman wagoodman added the dependencies Pull requests that update a dependency file label Aug 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kzantow @wagoodman