From ee0215b2a241e2881c3ceec41a6a2979468be509 Mon Sep 17 00:00:00 2001 From: Laurent Sorber Date: Tue, 2 Apr 2024 07:14:01 +0000 Subject: [PATCH 1/4] feat: optimize Dependabot config --- .github/workflows/test.yml | 2 +- .../.github/dependabot.yml | 44 +++++++++++++++++-- .../.github/workflows/publish.yml | 2 +- .../.github/workflows/test.yml | 2 +- 4 files changed, 43 insertions(+), 7 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0188a3be..5f19accb 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,7 @@ jobs: path: template - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.9" diff --git a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml index e98ee6ed..ae83b3a6 100644 --- a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml +++ b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml @@ -8,15 +8,51 @@ updates: commit-message: prefix: "ci" prefix-development: "ci" - include: "scope" + include: scope + groups: + ci-dependencies: + patterns: + - "*" +{%- if cookiecutter.with_fastapi_api|int or cookiecutter.with_streamlit_app|int or cookiecutter.with_typer_cli|int %} - package-ecosystem: pip directory: / schedule: interval: monthly commit-message: - prefix: "build" + prefix: "chore" prefix-development: "build" - include: "scope" + include: scope + versioning-strategy: increase + allow: + - dependency-type: production +{%- endif %} + - package-ecosystem: pip + directory: / + schedule: + interval: monthly + commit-message: + prefix: "chore" + prefix-development: "build" + include: scope + versioning-strategy: increase + allow: + - dependency-type: development + groups: + development-dependencies: + patterns: + - "*" + - package-ecosystem: pip + directory: / + schedule: + interval: monthly + commit-message: + prefix: "chore" + prefix-development: "build" + include: scope versioning-strategy: lockfile-only allow: - - dependency-type: "all" + - dependency-type: indirect + groups: + transitive-dependencies: + patterns: + - "*" diff --git a/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/publish.yml b/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/publish.yml index 546af45e..503f9f6c 100644 --- a/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/publish.yml +++ b/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/publish.yml @@ -14,7 +14,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "{{ cookiecutter.python_version }}" diff --git a/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/test.yml b/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/test.yml index 48ad286b..2d5e58d6 100644 --- a/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/test.yml +++ b/{{ cookiecutter.__project_name_kebab_case }}/.github/workflows/test.yml @@ -42,6 +42,6 @@ jobs: run: devcontainer exec --workspace-folder . poe test - name: Upload coverage - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 with: files: reports/coverage.xml From fa373156f606fa346c95ec49c4815c2009507c1b Mon Sep 17 00:00:00 2001 From: Laurent Sorber Date: Tue, 2 Apr 2024 07:31:15 +0000 Subject: [PATCH 2/4] fix: group app runtime dependency updates --- .../.github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml index ae83b3a6..4210add3 100644 --- a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml +++ b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml @@ -25,6 +25,10 @@ updates: versioning-strategy: increase allow: - dependency-type: production + groups: + runtime-dependencies: + patterns: + - "*" {%- endif %} - package-ecosystem: pip directory: / From a7d6d6e4897beeff937b04f533dbe0a5c8e8ca8c Mon Sep 17 00:00:00 2001 From: Laurent Sorber Date: Tue, 2 Apr 2024 07:33:14 +0000 Subject: [PATCH 3/4] fix: fix yaml whitespace --- .../.github/dependabot.yml | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml index 4210add3..d3809615 100644 --- a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml +++ b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml @@ -10,9 +10,9 @@ updates: prefix-development: "ci" include: scope groups: - ci-dependencies: - patterns: - - "*" + ci-dependencies: + patterns: + - "*" {%- if cookiecutter.with_fastapi_api|int or cookiecutter.with_streamlit_app|int or cookiecutter.with_typer_cli|int %} - package-ecosystem: pip directory: / @@ -26,9 +26,9 @@ updates: allow: - dependency-type: production groups: - runtime-dependencies: - patterns: - - "*" + runtime-dependencies: + patterns: + - "*" {%- endif %} - package-ecosystem: pip directory: / @@ -42,9 +42,9 @@ updates: allow: - dependency-type: development groups: - development-dependencies: - patterns: - - "*" + development-dependencies: + patterns: + - "*" - package-ecosystem: pip directory: / schedule: @@ -57,6 +57,6 @@ updates: allow: - dependency-type: indirect groups: - transitive-dependencies: - patterns: - - "*" + transitive-dependencies: + patterns: + - "*" From 866fac5e5a22919353dabe1a89b28d09a16a6fd6 Mon Sep 17 00:00:00 2001 From: Laurent Sorber Date: Fri, 19 Apr 2024 13:33:51 +0000 Subject: [PATCH 4/4] fix: validate Dependabot schema --- .../.github/dependabot.yml | 42 ++++--------------- 1 file changed, 8 insertions(+), 34 deletions(-) diff --git a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml index d3809615..b402007e 100644 --- a/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml +++ b/{{ cookiecutter.__project_name_kebab_case }}/.github/dependabot.yml @@ -13,7 +13,6 @@ updates: ci-dependencies: patterns: - "*" -{%- if cookiecutter.with_fastapi_api|int or cookiecutter.with_streamlit_app|int or cookiecutter.with_typer_cli|int %} - package-ecosystem: pip directory: / schedule: @@ -22,41 +21,16 @@ updates: prefix: "chore" prefix-development: "build" include: scope - versioning-strategy: increase allow: + {%- if cookiecutter.project_type == "app" %} - dependency-type: production - groups: - runtime-dependencies: - patterns: - - "*" -{%- endif %} - - package-ecosystem: pip - directory: / - schedule: - interval: monthly - commit-message: - prefix: "chore" - prefix-development: "build" - include: scope - versioning-strategy: increase - allow: + {%- endif %} - dependency-type: development + versioning-strategy: increase groups: + {%- if cookiecutter.project_type == "app" %} + runtime-dependencies: + dependency-type: production + {%- endif %} development-dependencies: - patterns: - - "*" - - package-ecosystem: pip - directory: / - schedule: - interval: monthly - commit-message: - prefix: "chore" - prefix-development: "build" - include: scope - versioning-strategy: lockfile-only - allow: - - dependency-type: indirect - groups: - transitive-dependencies: - patterns: - - "*" + dependency-type: development