thebe icon indicating copy to clipboard operation
thebe copied to clipboard

Published 20 hours ago verified publisher icon executablebooks

Enable Dependabot - 31 Oct

Open stevejpurves opened this issue 4 years ago • 1 comments

Description / Summary

Re-enable dependabot prior to next major release.

Dependabot has been temporarily disabled, while we carry our some major changes in the library, which should include some more structured upgrades to dependencies.

Value / benefit

Dependabot is useful for flagging changes to dependencies that we should react to and upgrade. This is useful in production dependencies but less useful in development dependencies.

Implementation details

No response

Tasks to complete

  • [ ] renamed dependabot by 31 Oct
  • [ ] assess and make upgrades to dependencies as suggested

stevejpurves avatar Sep 20 '21 19:09 stevejpurves

we can also limit dependabot to flag updated to production dependencies only, which should reduce fatigue. See a similar change on the ipywidgets repo https://github.com/jupyter-widgets/ipywidgets/pull/3402/files

stevejpurves avatar Mar 08 '22 17:03 stevejpurves