Dependabot / security scanning #504
Unanswered
indigoviolet
asked this question in
Q&A
Replies: 2 comments
-
|
I have this same question. It seems to work just fine for non-dev packages, but it does not seem to work the dev dependencies. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
As a workaround, I have set up the following in .pre-commit-config.yaml: repos:
- repo: local
hooks:
- id: update requirements.txt for dependabot
name: update requirements.txt for dependabot
entry: bash -c 'sed -e "/^-e/d" -e "s/setuptools/# setuptools/" requirements.lock > .github/dependabot/requirements.txt'
language: system
- repo: local
hooks:
- id: update requirements-dev.txt for dependabot
name: update requirements-dev.txt for dependabot
entry: bash -c 'sed -e "/^-e/d" -e "s/setuptools/# setuptools/" requirements-dev.lock > .github/dependabot/requirements-dev.txt'
language: systemRunning an equivalent shell script from GitHub Actions could also be a good idea! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
What is the best way to work with Dependabot etc while using rye?
Beta Was this translation helpful? Give feedback.
All reactions