You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, apologies if this is not the right place to raise this.
Summary
Is there any plan (or possibility) to support APM dependencies with Dependabot?
Problem
Currently, the recommended approach from the docs is for consumers to run apm deps update. While this works at a small scale, it does not scale well at an organisational level, as it requires either:
manual execution, or
custom scheduled automation in each consuming repository
Both approaches introduce operational overhead and inconsistency across projects.
Example
For instance, given a dependency defined as:
name: example
version: 1.0.0
description: example APM project
author: Gary-H9
dependencies:
apm:
- gary-h9/apm-example#ab926bb6b00347c81d3a8b7eac49e63ab3743b17
mcp: []
scripts: {}
When a new commit or version is available, there is currently no automated way (e.g. via Dependabot) to raise update PRs. This means consumers must either manually run apm deps update or implement their own scheduled workflows.
Suggestion
Support for Dependabot (or a similar automated update mechanism) for APM dependencies would:
reduce manual maintenance
improve consistency across repositories
make APM more viable at scale within organisations
I think this is really more something that would need to be adopted by Dependabot, but I wanted to raise it here as I couldn’t find any existing discussions on the topic.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hello, apologies if this is not the right place to raise this.
Summary
Is there any plan (or possibility) to support APM dependencies with Dependabot?
Problem
Currently, the recommended approach from the docs is for consumers to run
apm deps update. While this works at a small scale, it does not scale well at an organisational level, as it requires either:Both approaches introduce operational overhead and inconsistency across projects.
Example
For instance, given a dependency defined as:
When a new commit or version is available, there is currently no automated way (e.g. via Dependabot) to raise update PRs. This means consumers must either manually run
apm deps updateor implement their own scheduled workflows.Suggestion
Support for Dependabot (or a similar automated update mechanism) for APM dependencies would:
Related
There is an existing Dependabot issue that seems related:
dependabot/dependabot-core#14350
I think this is really more something that would need to be adopted by Dependabot, but I wanted to raise it here as I couldn’t find any existing discussions on the topic.
Beta Was this translation helpful? Give feedback.
All reactions