Enable dependabot on our composite actions #418
Assignees
Labels
bug
Defects or glitches reported by users or developers
dependencies
Related with project dependencies
Comments
jorgepiloto
added
bug
|
We may be part of the beta testing for this, see dependabot/dependabot-core#2178 (comment) |
|
Good catch @jorgepiloto! I didn't realize we could be beta testers |
|
Some issues found with the latest syntax, see https://github.com/github-early-access/dependabot-wildcard-glob-private-beta/issues/3 |
|
We can't access that link but we trust you :) |
|
True. Here is the link to the issue in this same repository:
Direct link: https://github.com/ansys/actions/network/updates/20639306/jobs |
|
The repository has been archived. Looks like Dependabot maintainers are working on it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently dependabot is only updating the main workflow file. However, it'd be great if dependabot updated the composite actions directly in this repo.
There is a solution which would consist on duplicating the
package-ecosystem: "github-actions"N times, where N is the number of actions we have. However, after dependabot/dependabot-core#2178 is solved (see dependabot/dependabot-core#2178 (comment) for recent activity) we should be able to use wildcards on our dependabot.yml file and thus making it super simple to implement.Let's wait for dependabot/dependabot-core#2178 to be closed and we can get started with this afterwards.
The text was updated successfully, but these errors were encountered: