Adjust dependabot config to reduce dependabot issue frequency #6966
Labels
area/ci
area/dependencies
kind/health
For CI/testing/release process/refactoring/technical debt items
triage/discuss
Needs decision / discussion, bring these up during Cirq Cynque
Comments
mhucka
added
area/ci
area/dependencies
kind/health
NoureldinYosri
added
the
triage/discuss
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description of the issue
It's good that Dependabot is running and keeping dependencies up to date, but bad because it's creating a lot of individual PRs every week that require developer time spent dealing with them:
Dependabot has some config knobs we can fiddle with. We could try to adjust the config to reduce the spam. We could also investigate the use of auto-merging actions (e.g., merge-me-action) to auto-merge some Dependabot updates that are a low-risk. (E.g., maybe cirq-web JS updates can be auto-merged if they only involve minor version changes.)
The text was updated successfully, but these errors were encountered: