Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Group dependabot updates #1079

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Group dependabot updates #1079

wants to merge 1 commit into from

Conversation

nyurik
Copy link
Member

@nyurik nyurik commented Feb 24, 2025

Ensure dependabot creates updates in batches

Fixes #1020

@nyurik
Group dependabot updates
28f1922 
Ensure dependabot creates updates in batches
@HarelM
Copy link
Collaborator

HarelM commented Feb 24, 2025

Are the batches related to a npm scope? How are these grouped?
In general, besides the fact that CI is currently unstable, the dependabot PRs are merged automatically and the fact that they are not grouped allows to know which package broke the build, so it's not a bad thing...

@nyurik
Copy link
Member Author

nyurik commented Feb 24, 2025

the batch is always per updater, i.e. NPM has one group, whereas if this project had Java, that would be a separate group. The groups are created daily. You do have a good point about breakage detection, but it is only useful if they break all the time. Usually, most batches will pass. In the rare case when they do not, we can fairly easily tell which component broke, and update them by hand. Overall, I think the net-gain will be significantly higher because it will lessen the mental load and flood of PRs

@codecov-commenter
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 64.80%. Comparing base (af01346) to head (28f1922).
Report is 70 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1079      +/-   ##
==========================================
+ Coverage   59.84%   64.80%   +4.95%     
==========================================
  Files         104      104              
  Lines        3011     5825    +2814     
  Branches      680     1724    +1044     
==========================================
+ Hits         1802     3775    +1973     
- Misses       1209     2048     +839     
- Partials        0        2       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@birkskyum
Copy link
Member

With the open-pull-requests-limit: 20 removed, what's the default value it fall back on?

@nyurik
Copy link
Member Author

nyurik commented Feb 25, 2025

i am begining to question this PR myself tbh... having come from the Rust background, when dependencies are updated daily and there is a very high expected stability, in js it seems everything is far more.... unpredictable... so perhaps it is too soon to add this... I will just have to filter my mailbox from all the junk

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@louwers louwers louwers approved these changes

@birkskyum birkskyum Awaiting requested review from birkskyum

@HarelM HarelM Awaiting requested review from HarelM

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make dependabot PRs contain multiple updates
5 participants
@nyurik @HarelM @codecov-commenter @birkskyum @louwers