Resonate Configure Dependabot to automate Dependency Version updates

We should add Dependabot to the repository to automate dependency version upgrades

Nov 04 '25 10:11 M4dhav

👋 Hello @M4dhav!
Thank you for opening this issue. Our team will review it soon. 🚀

If you can, please provide more details like steps to reproduce, expected vs. actual behavior, and screenshots (if applicable). 📌

We appreciate your contribution! 💡

Nov 04 '25 10:11 github-actions[bot]

@M4dhav can I update it ? Can you please assign this to me ?

Nov 04 '25 10:11 4555jan

As you already have multiple issues assigned to you, once some of those are finished then I can assign this to you

Nov 04 '25 10:11 M4dhav

I think i can work on this issue as i already have experience with solving dependency conflicts and other issue assigned to me is related to document creation, not exactly coding ofcs. Please assign if you feel i can contribute

Nov 04 '25 11:11 Charan-BS

Alongside this, would adding a dependabot config to do this periodically automatically be a good idea? It would work as long as major versions aren't in the updates.

Nov 04 '25 11:11 M4dhav

can you provide me some more details so I can work on the issue

Nov 06 '25 15:11 Sinhapratik006

Hi @Sinhapratik006, as this task is assigned to me and I will be working with the issue, I would suggest you to look for other issues .

Thank you.

Nov 06 '25 16:11 Charan-BS

@Charan-BS Okay bro

Nov 06 '25 16:11 Sinhapratik006

Alongside this, would adding a dependabot config to do this periodically automatically be a good idea? It would work as long as major versions aren't in the updates.

@Charan-BS I wanted your opinion on this, what do you think about this

Nov 09 '25 19:11 M4dhav

Well, I got to know depandabot can be best used to update minor versions and we can set depandabot interval like monthly, weekly, daily.

But as iam implementing this for this first time iam not very sure how it will handle when it comes to dependency conflict.For ex: If it raises a single PR when a new version of firebase_core is there, the other firebase packages needs to updated alongside to avoid dependancy conflict

So iam in dilemma should we use this or not What's ur take on this

Nov 10 '25 03:11 Charan-BS

Can we configure Dependabot to update all dependencies together instead of 1 by 1? Or atleast to update all dependencies related to firebase together?

Nov 10 '25 06:11 M4dhav

I need to check it can be done or not, I will let you know Dp you know any repo which is using deandabot currently?

Nov 10 '25 06:11 Charan-BS

A lot of repos use dependabot. While I don't remember any repos that use it particularly, you should be able to find some pretty easilly

Nov 10 '25 08:11 M4dhav

Got it. I will search for few and let you know what can be done

Nov 10 '25 08:11 Charan-BS

Hey @M4dhav @Charan-BS

Will updating all these packages cause any issues in the project?

Nov 11 '25 15:11 rahul-vyas-dev

hey @4555jan I don't found any repo that uses deandabot but you can check-out this passy

Nov 11 '25 15:11 rahul-vyas-dev

Hi, I would like to work on this issue. Can you please guide me which dependencies need to be updated and in which file? I am a begginer contributor.

Nov 11 '25 18:11 npniranjan539-arch

Hey @rahul-vyas-dev , updating might cause issues if updating to major versions and using APIs that have been changed.

Hey @npniranjan539-arch welcome to the repository. Unfortunately this issue is already assigned to another contributor, but feel free to find something else to contribute to!

Nov 11 '25 18:11 M4dhav

Ok sir thank you

On Wed, Nov 12, 2025, 12:27 AM Madhav Gupta @.***> wrote:

M4dhav left a comment (AOSSIE-Org/Resonate#586) https://github.com/AOSSIE-Org/Resonate/issues/586#issuecomment-3518350048

Hey @rahul-vyas-dev https://github.com/rahul-vyas-dev , updating might cause issues if updating to major versions and using APIs that have been changed.

Hey @npniranjan539-arch https://github.com/npniranjan539-arch welcome to the repository. Unfortunately this issue is already assigned to another contributor, but feel free to find something else to contribute to!

— Reply to this email directly, view it on GitHub https://github.com/AOSSIE-Org/Resonate/issues/586#issuecomment-3518350048, or unsubscribe https://github.com/notifications/unsubscribe-auth/BW2YIC4FLAWEKICNNCH4KBT34IWP7AVCNFSM6AAAAACLCS63L6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTKMJYGM2TAMBUHA . You are receiving this because you were mentioned.Message ID: @.***>

Nov 11 '25 19:11 npniranjan539-arch

Thanks for sharing this @M4dhav . If I resolve this issue then can I raise a PR for this??

Nov 12 '25 08:11 rahul-vyas-dev

Hi @rahul-vyas-dev, As this issue is assigned to me and Iam already working on the issue, i would suggest you to look for others

Thanks

Nov 12 '25 11:11 Charan-BS

Hi @Charan-BS Sure, no problem! Thanks for letting me know — I’ll check out other available issues to contribute to.

Good luck with your work on this one!

If you have other issues to work on let me know 😊😊😊

Nov 12 '25 11:11 rahul-vyas-dev

Part of this issue was completed in #599 , so the scope will now change to configuring Dependabot

Nov 13 '25 17:11 M4dhav

Thank you for the update! Since the issue now involves backend changes, I’ll look for a frontend/UI issue to contribute instead. 🙂

On Thu, Nov 13, 2025, 11:21 PM Madhav Gupta @.***> wrote:

M4dhav left a comment (AOSSIE-Org/Resonate#586) https://github.com/AOSSIE-Org/Resonate/issues/586#issuecomment-3529003973

Part of this issue was completed in #599 https://github.com/AOSSIE-Org/Resonate/pull/599 , so the scope will now change to shifting to TablesDB API

— Reply to this email directly, view it on GitHub https://github.com/AOSSIE-Org/Resonate/issues/586#issuecomment-3529003973, or unsubscribe https://github.com/notifications/unsubscribe-auth/BW2YIC46CEMPYZ4C3ZLZTCL34TAJDAVCNFSM6AAAAACLCS63L6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTKMRZGAYDGOJXGM . You are receiving this because you were mentioned.Message ID: @.***>

Nov 13 '25 18:11 npniranjan539-arch