Skip to content

Commit

Permalink
Set dependabot to update frontend deps once a month (codeforpdx#565)
Browse files Browse the repository at this point in the history 
Frontend deps are now checked once a month. Security updates will
still be applied immediately. This is because we do not have the
bandwidth to handle frontend dep updates on a weekly basis. The number
of allowed PRs dependabot is allowed to have open is also reduced to 5.

This means that at any given time we should have no more than 5 PRs
(exluding security updates) open at any given time. Plus the one month
review cycle will give us time to thoroughly review the dep update.
  • Loading branch information
@NickSchimek
NickSchimek authored Nov 16, 2019
1 parent 369d037 commit 1067cba
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .dependabot/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ update_configs:

- package_manager: "javascript"
directory: "/src/frontend"
update_schedule: "live"
update_schedule: "monthly"
default_labels:
- "frontend"
- "dependencies"
Expand Down

0 comments on commit 1067cba

Please sign in to comment.