[INFRA] Reviewing Dependabot updates for "development dependencies" is time consuming - Find alternatives #2511
Labels
chore
Build, CI/CD or repository tasks (issues/PR maintenance, environments, ...)
Milestone
Comments
tbouffard
added
the
chore
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note: this is the same problem as described in process-analytics/process-analytics.dev#668
This project declares a lot of development dependencies. Reviewing PR created by Dependabot takes too much time and these PR create a lot of GitHub Actions jobs, see #2172. In particular, today, all e2e test are run when changing an unrelated development dependency.
We already limit the number of PR that Dependabot can create to avoid being overwhelmed (#1702) but this is still too much.
Proposal
Use tool like Renovate that are able to update several dependencies at the same time.
Notice that
dependabotrecently introduced a way to group dependency update: https://github.blog/changelog/2023-06-30-grouped-version-updates-for-dependabot-public-beta/See also
The investigation can be shared with the one of process-analytics/process-analytics.dev#668
The text was updated successfully, but these errors were encountered: