Skip to content

Dependabot version updates #669

New issue
New issue
Open
Open
Dependabot version updates#669
Labels
low effortThere is not much implementation work to be done. The task is very easy or tiny.low impactChanges are not very noticeable or potential benefits are limited.should haveWe like the idea but it’s not important enough to be a part of the roadmap.testing 🔨
@cameel

Description

@cameel
cameel
opened on Oct 6, 2022

We can have dependabot ping us when dependencies need to be updated. We have that enabled for security vulnerabilities but not for regular updates. See Configuring Dependabot version updates. This will require adding a dependabot.yml to the repo.

Before doing this, check if this actually makes sense in our case though. Does dependabot pin specific versions? Since solc-js is a library, we want to support a wide range of versions and not impose specific versions on applications.

Metadata

Metadata

Assignees

No one assigned

    Labels

    low effortThere is not much implementation work to be done. The task is very easy or tiny.low impactChanges are not very noticeable or potential benefits are limited.should haveWe like the idea but it’s not important enough to be a part of the roadmap.testing 🔨

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions