ci(deps): group Dependabot updates by devDeps vs prod deps #12890
Commits on Apr 4, 2024
-
ci(deps): group Dependabot updates by devDeps vs prod deps
- per https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups - note that `applies-to` is necessary as it defaults to `version-updates` per the docs - I thought it would default to _both_, but they seem to be mutually exclusive in `applies-to`? we don't use `version-updates` in any case though - generally, security updates for prod deps should be backported, while devDeps are not strictly necessary - so splitting these is helpful for cherry-picking, especially if there might be conflicts (which may be more likely with devDeps and build chain changes) Signed-off-by: Anton Gilgur <agilgur5@gmail.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.