Integrate dependabot
Closed this issue · 7 comments
Dependabot is an awesome tool to bump your dependencies automatically.
That's how it works: https://github.com/sobolevn/recase/pulls?q=is%3Apr+author%3Aapp%2Fdependabot
That's a lifesaver for some periodic update tasks.
@sntran could you please switch it on? I guess I am limited in my access rights.
Here's a how-to. Thanks!
Do we have enough tests to ensure bumping dependencies every time will not cause any issue?
There are many updates!
@sobolevn Would you mind checking whether those newer version of dependencies won't break? They are mostly for testing.
Sorry, I am quite busy with my primary job right now.
Maybe in two weeks or so. Is it fine?
No worry. I will pull them down and run the tests tonight. If everything passes, I'll merge.