-
-
Notifications
You must be signed in to change notification settings - Fork 487
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Keep GitHub Actions up to date with GitHub's Dependabot #708
Conversation
Hi @cclauss, thank you for this PR, however I'm not really interested in adding Dependabot. It has pretty bad habits and a history of spamming open source projects. It's also overkill for a very slow-moving repo like this one. Having weekly or even monthly bot commits would mean ~50% of all PRs being from bots, and that's usually a bad sign and too much churn. |
|
Hi @cclauss, I was adding this too in the meanwhile on a working branch of mine, when I happened to notice your PR – @rgommers, I would suggest getting this in so that we can have updates for GitHub Actions, now that we will be pushing nightly wheels soon (#706, scientific-python/upload-nightly-action#75). I would be happy to be assigned for review on such PRs. We could enable the rebase option as well in case that can help keep a single PR clean. P.S. I was initially adding it on a daily cadence (I like that personally), but having it monthly would be perfectly fine. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, that is two votes in favor - let's give this a go. Thanks @cclauss
Dependabot will fix the warnings are the bottom right of https://github.com/PyWavelets/pywt/actions/runs/8202874983
One instance is that the following should all be
actions/setup-python@v5
https://github.com/search?q=repo%3APyWavelets%2Fpywt%20actions%2Fsetup-python&type=code