dependabot / dependabot-core Public

5 Pull requests merged by 5 people

• Bump cargo from 1.51.0 to 1.58.0

  #4677 merged Jan 31, 2022

• v0.171.4

  #4678 merged Jan 27, 2022

• Adding "devDependencies" support for nuget projects.

  #4671 merged Jan 27, 2022

• Add releases to list of changelog file strings

  #4599 merged Jan 27, 2022

• Prevent unnecessary composer package downloads

  #4635 merged Jan 27, 2022

9 Pull requests opened by 4 people

• build(deps): bump @npmcli/arborist from 4.2.1 to 4.3.0 in /npm_and_yarn/helpers

  #4679 opened Jan 28, 2022

• build(deps-dev): bump eslint from 8.7.0 to 8.8.0 in /npm_and_yarn/helpers

  #4684 opened Jan 31, 2022

• build(deps): bump pip from 21.3.1 to 22.0.2 in /python/helpers

  #4685 opened Jan 31, 2022

• build(deps): bump cython from 0.29.26 to 0.29.27 in /python/helpers

  #4686 opened Jan 31, 2022

• Add support for Python 3.9.10

  #4692 opened Feb 1, 2022

• Fix peer dependency regex for cases with 2 semver constraints

  #4693 opened Feb 1, 2022

• Fix Running with Docker section to find the image that was just pulled

  #4694 opened Feb 1, 2022

• build(deps-dev): bump phpstan/phpstan from 1.4.2 to 1.4.5 in /composer/helpers/v2

  #4695 opened Feb 3, 2022

• build(deps-dev): bump phpstan/phpstan from 1.4.2 to 1.4.5 in /composer/helpers/v1

  #4696 opened Feb 3, 2022

7 Issues closed by 6 people

• Create DRAFT PRs

  #1963 closed Jan 30, 2022

• Cancel CI if PR is being rebased

  #2388 closed Jan 30, 2022

• "Merge on approval" on GitHub-native Dependabot

  #2376 closed Jan 30, 2022

• configuration option for submodules to edit existing PRs rather than making new ones

  #4674 closed Jan 29, 2022

• New dependabot command "remove"

  #4076 closed Jan 29, 2022

• Dependabot fails with Rust named profiles

  #4676 closed Jan 28, 2022

• Add nuget support for `commit-message: prefix-development`

  #4659 closed Jan 27, 2022

4 Issues opened by 4 people

• [GitHub Actions] Comment with version after updating pin-by-hash action workflow dependencies

  #4691 opened Feb 1, 2022

• Support for pyproject.toml

  #4683 opened Jan 30, 2022

• Add support for maven-dependecies inside eclipse-pde target files

  #4682 opened Jan 30, 2022

• New option to trigger a workflow upon run completion

  #4680 opened Jan 29, 2022

48 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Dart/Flutter pub support

  #4510 commented on Feb 3, 2022  1¤7 26 new comments

• Notification on error

  #3509 commented on Jan 29, 2022  1¤7 4 new comments

• Update dependency in same PR instead of superseding it

  #3993 commented on Jan 29, 2022  1¤7 3 new comments

• Status check to prevent merging during rebases

  #4570 commented on Jan 30, 2022  1¤7 3 new comments

• action to amend commit message with custom prefix

  #2529 commented on Jan 31, 2022  1¤7 3 new comments

• Specify Target Framework for .NET libraries

  #2733 commented on Feb 1, 2022  1¤7 3 new comments

• Yarn.lock is updated with public registry instead of private one

  #4669 commented on Feb 1, 2022  1¤7 3 new comments

• Option to delay pull request creation after a new release

  #4338 commented on Feb 1, 2022  1¤7 3 new comments

• Update Cargo to version 1.57

  #4574 commented on Jan 27, 2022  1¤7 2 new comments

• Configure dependabot to create draft PRs

  #1291 commented on Jan 30, 2022  1¤7 2 new comments

• Pinning-by-hash upgrade

  #3699 commented on Jan 31, 2022  1¤7 2 new comments

• Drupal project dependabot runs are very slow

  #2999 commented on Feb 1, 2022  1¤7 2 new comments

• Clojure support

  #572 commented on Feb 3, 2022  1¤7 2 new comments

• Manually trigger an update for a dependency

  #2980 commented on Feb 3, 2022  1¤7 2 new comments

• Add support for Swift Package Manager

  #3772 commented on Feb 2, 2022  1¤7 2 new comments

• Unable to authenticate to private repository using token option

  #4502 commented on Jan 27, 2022  1¤7 1 new comment

• [.NET|NuGet] Add support for PackageDownload

  #2920 commented on Jan 27, 2022  1¤7 1 new comment

• Support configuring allowed updates for security updates using config file

  #2521 commented on Jan 28, 2022  1¤7 1 new comment

• Slack support

  #4642 commented on Jan 29, 2022  1¤7 1 new comment

• Dependabot to target only given dependency or dependencies

  #4404 commented on Jan 29, 2022  1¤7 1 new comment

• rebase-strategy: auto + delay

  #4057 commented on Jan 29, 2022  1¤7 1 new comment

• Support multiple directories to bump the same package across dependency files

  #3856 commented on Jan 29, 2022  1¤7 1 new comment

• Create an issue when getting any error

  #3626 commented on Jan 29, 2022  1¤7 1 new comment

• Update badges to be compatible with the new native GitHub Dependabot

  #1912 commented on Jan 29, 2022  1¤7 1 new comment

• badge issues after switch from dependabot-preview to GitHub's dependabot

  #1960 commented on Jan 29, 2022  1¤7 1 new comment

• Consider rewording description for dependabot recreate command

  #3449 commented on Jan 29, 2022  1¤7 1 new comment

• Perform custom action after updating dependencies

  #3100 commented on Jan 29, 2022  1¤7 1 new comment

• Org wide Dependabot dashboard

  #2936 commented on Jan 29, 2022  1¤7 1 new comment

• Automatic PR merging with branch protection rules

  #2034 commented on Jan 29, 2022  1¤7 1 new comment

• Support grouping for "must-be-updated-together" dependencies

  #1296 commented on Jan 29, 2022  1¤7 1 new comment

• Select where to create branch from

  #2721 commented on Jan 29, 2022  1¤7 1 new comment

• Improvement Proposal: Configurable Pull Requests

  #2672 commented on Jan 29, 2022  1¤7 1 new comment

• Docs for the config file - dependecies version

  #2575 commented on Jan 29, 2022  1¤7 1 new comment

• Add command to update edited PR

  #2524 commented on Jan 29, 2022  1¤7 1 new comment

• allow same package ecosystem directory, but with different constraint

  #4672 commented on Jan 29, 2022  1¤7 1 new comment

• Ability to have duplicate updates - but different allow types

  #2390 commented on Jan 29, 2022  1¤7 1 new comment

• Per-project badges

  #2070 commented on Jan 29, 2022  1¤7 1 new comment

• write a custom message on the PR thread

  #1529 commented on Jan 29, 2022  1¤7 1 new comment

• Duplicate pull requests

  #1408 commented on Jan 29, 2022  1¤7 1 new comment

• Use a single PR for updates with the same GroupId and Version

  #2121 commented on Jan 29, 2022  1¤7 1 new comment

• Dependabot failed to update dependencies

  #3868 commented on Jan 31, 2022  1¤7 1 new comment

• Dependabot auto merge not working

  #1973 commented on Feb 1, 2022  1¤7 1 new comment

• Add support for Python dependencies in `setup.cfg`

  #2133 commented on Feb 1, 2022  1¤7 1 new comment

• dependabot validator has gone missing

  #4605 commented on Jan 28, 2022  1¤7 0 new comments

• Document how to structure project for good dependabot integration

  #4656 commented on Jan 28, 2022  1¤7 0 new comments

• remove outdated PR

  #4673 commented on Jan 28, 2022  1¤7 0 new comments

• Add credential hostname precedence for git-credentials in git_metadata_fetcher (with solution in description)

  #4675 commented on Jan 28, 2022  1¤7 0 new comments

• Command to switch target-branch of a specific Pull request

  #3546 commented on Jan 29, 2022  1¤7 0 new comments