Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address dependabot missing peer dependency updates #208

Open
rmanaem opened this issue Dec 13, 2024 · 1 comment
Open

Address dependabot missing peer dependency updates #208

rmanaem opened this issue Dec 13, 2024 · 1 comment
Labels
phase:research involves researching information on a topic rather than implementing specific feature.

Comments

@rmanaem
Copy link
Contributor

rmanaem commented Dec 13, 2024

It seems dependabot addresses dependencies bumps in isolation when it comes to certain packages (e.g., vitest) and doesn't bump their peer dependencies, leading to the npm install command used in various workflows to break. Since we like the automated process of dependency bumps and would like to avoid the hassle of bumping peer dependencies manually ourselves, we have two options to address this:

  • Look into dependabot configuration and see if it can be fixed by tweaking things
  • Research another tool that does the same thing without having the same issues
@rmanaem rmanaem added flag:schedule Flag issue that should go on the roadmap or backlog. phase:research involves researching information on a topic rather than implementing specific feature. labels Dec 13, 2024
@surchs
Copy link
Contributor

surchs commented Dec 20, 2024

There is a setting for "grouped updates": https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#groups--

I'm not sure if that solves all our problems, but let's try it out. I have enabled it on the query tool and it seems to group some related things like here: neurobagel/query-tool#408

@rmanaem rmanaem moved this to Backlog in Neurobagel Jan 6, 2025
@rmanaem rmanaem removed the flag:schedule Flag issue that should go on the roadmap or backlog. label Jan 6, 2025
@surchs surchs removed the status in Neurobagel Jan 9, 2025
@rmanaem rmanaem added the flag:schedule Flag issue that should go on the roadmap or backlog. label Jan 21, 2025
@surchs surchs moved this to Backlog in Neurobagel Jan 21, 2025
@surchs surchs removed the flag:schedule Flag issue that should go on the roadmap or backlog. label Jan 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
phase:research involves researching information on a topic rather than implementing specific feature.
Projects
Neurobagel
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@surchs @rmanaem