[wp-trac] [WordPress Trac] #54503: Configure Dependabot alerts for when GitHub Actions updates are available
WordPress Trac
noreply at wordpress.org
Thu Sep 1 15:54:24 UTC 2022
#54503: Configure Dependabot alerts for when GitHub Actions updates are available
------------------------------+----------------------
Reporter: desrosj | Owner: desrosj
Type: feature request | Status: closed
Priority: normal | Milestone: 5.9
Component: Build/Test Tools | Version:
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses:
------------------------------+----------------------
Comment (by jrf):
Replying to [comment:4 desrosj]:
> It's definitely annoying, but I wonder how many forks of `wordpress-
develop` out of the 1,400 currently are "old" and subject to this.
Honestly not sure, but AFAICS it only starts happening if they renamed the
main branch of their fork to `trunk` **and** keep that branch up to date
(or at least updated it to beyond the commit which included the Dependabot
config).
> Personally, I would prefer to stick with the native GH Dependabot if
possible.
Understood. Salient detail: Microsoft repos on GH all use Renovate ;-)
> If more people start raising this concern, we can open a new ticket to
discuss switching. For now, I'll see about reaching out to GitHub DevRel
folks and starting a discussion around this one.
👍🏻
> Just wanted to confirm that new forks will have the correct behavior and
require them to be manually activated.
Yes, IIRC the default behaviour for forks changed about a year ago, but
old forks still can't turn it off.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54503#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list