Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use 3.8.x as a target for dependabot version updates #6384

Merged
merged 1 commit into from
May 5, 2024
Merged

Use 3.8.x as a target for dependabot version updates #6384

merged 1 commit into from
May 5, 2024

Conversation

greg0ire
Copy link
Member

@greg0ire greg0ire commented May 5, 2024

By default, Dependabot checks the default branch, and raises pull requests against it. Since we are using a merge-up workflow, we should tell it to target 3.8.x. This is not great because it will mean we will have to maintain that setting for as long as we maintain the old patch branch, but I do not think there is a better solution.

Documentation: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#target-branch

@greg0ire
Use 3.8.x as a target for dependabot version updates
41d04e3 
By default, Dependabot checks the default branch, and raises pull
requests against it. Since we are using a merge-up workflow, we should
tell it to target 3.8.x. This is not great because it will mean we will
have to maintain that setting for as long as we maintain the old patch
branch, but I do not think there is a better solution.
greg0ire
greg0ire commented May 5, 2024
View reviewed changes
.github/dependabot.yml
@@ -6,3 +6,4 @@ updates:
interval: "weekly"
labels:
- "CI"
target-branch: "3.8.x"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's unclear to me if Dependabot will start monitoring 3.8.x rightaway or after we merge this up into the default branch. Once it is merged up into the default branch, I think it will take other modifications to the file on that branch rightaway, so I think this is still the right move.

@derrabus derrabus added the CI label May 5, 2024
@derrabus derrabus added this to the 3.8.5 milestone May 5, 2024
@derrabus derrabus merged commit f2f883c into doctrine:3.8.x May 5, 2024
@greg0ire greg0ire deleted the target-old-patch branch May 5, 2024 09:56
derrabus added a commit that referenced this pull request May 16, 2024
@derrabus
Merge branch '4.1.x' into 5.0.x
a96c52c 
* 4.1.x:
  Fix example for QB delete and update in doc block
  Bump doctrine/.github from 5.0.0 to 5.0.1 (#6391)
  PHPStan 1.10.67, PHPUnit 9.6.19, PHPCS 3.9.2 (#6387)
  Fix "Plugin 'mysql_native_password' is not loaded" (#6388)
  Run tests against MySQL 8.4 (#6386)
  Use 3.8.x as a target for dependabot version updates (#6384)
  Setup dependabot
  Fix SQLiteSchemaManagerTest case
  Switch to substr implementation
  fix merge
  Bump workflow actions
  Fix SQL Server "extended property" SQL generation (#6353)
  Fix DB name passing in SqliteSchemaManager::listTableForeignKeys() (#6338)
  Fix SQLite temp table name must not contain dot (#6315)
  Provide CODECOV_TOKEN
  Upgrade to codecov/codecov-action v4
  Set fail_ci_if_error flag to true
  Specify the minor version number
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derrabus derrabus derrabus approved these changes

Assignees
No one assigned
Labels
CI
Projects
None yet
Milestone
3.8.5
Development

Successfully merging this pull request may close these issues.
2 participants
@greg0ire @derrabus