Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,14 @@ updates:
labels:
- "test:full"
open-pull-requests-limit: 5
# vcert 0.18+ hard-pins pynacl/cryptography/six against the rest of CI, and
# pylint 4.x turns pre-existing warnings into hard CI failures; both are
# deliberately held (see the comments in requirements/static/ci/*.txt).
ignore:
- dependency-name: "vcert"
versions: [">=0.10.0"]
- dependency-name: "pylint"
versions: [">=4.0.0"]
groups:
all-pip-updates:
patterns:
Expand All @@ -27,6 +35,11 @@ updates:
labels:
- "test:full"
open-pull-requests-limit: 5
ignore:
- dependency-name: "vcert"
versions: [">=0.10.0"]
- dependency-name: "pylint"
versions: [">=4.0.0"]
groups:
all-pip-updates:
patterns:
Expand All @@ -43,6 +56,11 @@ updates:
labels:
- "test:full"
open-pull-requests-limit: 5
ignore:
- dependency-name: "vcert"
versions: [">=0.10.0"]
- dependency-name: "pylint"
versions: [">=4.0.0"]
groups:
all-pip-updates:
patterns:
Expand All @@ -59,6 +77,11 @@ updates:
labels:
- "test:full"
open-pull-requests-limit: 5
ignore:
- dependency-name: "vcert"
versions: [">=0.10.0"]
- dependency-name: "pylint"
versions: [">=4.0.0"]
groups:
all-pip-updates:
patterns:
Expand Down
6 changes: 4 additions & 2 deletions .github/workflows/dependabot-sync.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,10 @@ permissions:
jobs:
sync-requirements:
name: Sync .lock files
# Trigger for any dependabot actor
if: contains(github.actor, 'dependabot') || github.event_name == 'workflow_dispatch'
# Trigger for dependabot, and for the salt-pr-bot rebases that re-push
# dependabot branches (github.actor is salt-pr-bot[bot] on those events,
# which otherwise skips this job and leaves the lock files stale).
if: contains(github.actor, 'dependabot') || contains(github.actor, 'salt-pr-bot') || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
environment: workflow-restart
steps:
Expand Down
Loading