secure-repo icon indicating copy to clipboard operation
secure-repo copied to clipboard
verified publisher icon step-security

Do not recommend Dependabot configuration over other tools

Open miguelnietoa opened this issue 3 years ago • 2 comments

Hello @varunsh-coder 👋🏻

I would like to request that Dependabot configuration not be recommended when a repository already includes another dependency update tool like Renovate.

Here you can find info on where the Renovate configuration file can be located. https://docs.renovatebot.com/configuration-options/

A more thorough investigation of more dependency update tools is needed... But I think detecting Renovate is a good start!

Thanks 😄

miguelnietoa avatar Jan 12 '23 22:01 miguelnietoa

Thanks, @miguelnietoa, for creating the issue. This makes sense.

Each of the recommendations in the PR are optional, and so one can uncheck the dependabot recommendation.

In the future, we can check for renovate config before suggesting adding dependabot config.

varunsh-coder avatar Jan 12 '23 23:01 varunsh-coder

In the future, we can check for renovate config before suggesting adding dependabot config.

This would be a nice feature to add!

WikiRik avatar Jan 26 '23 14:01 WikiRik