Skip to content

ci: group dependabot updates into monthly PRs #3143#3144

Merged
MillenniumFalconMechanic merged 1 commit into
mainfrom
dave/dependabot-grouped-updates
Jul 10, 2026
Merged

ci: group dependabot updates into monthly PRs #3143#3144
MillenniumFalconMechanic merged 1 commit into
mainfrom
dave/dependabot-grouped-updates

Conversation

@NoopDog

@NoopDog NoopDog commented Jul 10, 2026

Copy link
Copy Markdown
Collaborator

Closes #3143

Mirrors the config adopted in anvilproject/anvil-portal#3999 / anvilproject/anvil-portal#4017 / anvilproject/anvil-portal#4026:

  • npm: daily → monthly schedule; minor and patch bumps grouped into a single PR (majors still open individually); open-pull-requests-limit lowered from 50 to 5
  • pip: new monthly entry for /analytics with all updates grouped into one PR (its 13 open security PRs currently arrive per-package)
  • assignees: noopdogNoopDog — Dependabot validates assignees case-sensitively and errors on every PR with the lowercase spelling

On its next run Dependabot should reconcile the 23 open per-package npm PRs into grouped ones. A follow-up PR will refresh analytics/requirements.txt to close out the pip security PRs.

🤖 Generated with Claude Code

Switch npm version updates from daily per-package PRs (limit 50) to a
monthly grouped PR for minor/patch bumps, with majors still opening
individually. Add a grouped pip ecosystem for /analytics. Fix assignee
casing to NoopDog (Dependabot validates assignees case-sensitively).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@MillenniumFalconMechanic MillenniumFalconMechanic merged commit 51e4ba1 into main Jul 10, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Reduce Dependabot PR noise by grouping version updates

2 participants