Show HN: Dependabot – automated dependency updates for Ruby, JavaScript and PHP

2 points by greysteil ↗ HN
Link: https://dependabot.com

A friend and I have spent the last couple of months building Dependabot. We want to make it as useful as possible, so we'd love any feedback - does this match your ideal flow for keeping dependencies up-to-date? If not, what would you like to see us do differently?

Things we'd particularly like guidance on are:

- Is one PR per dependency update the right choice? They're easier to review/merge, but it's nosier than submitting a PR with multiple updates.

- What should we do about sub-dependencies (dependencies of your dependencies)?

- Is the "compatibility score" useful? Is there a way you'd rather see this information? (https://dependabot.com/compatibility-score)

- What additional languages would you like to see?

Any feedback very gratefully received!

0 comments

[ 3.1 ms ] story [ 12.5 ms ] thread

No comments yet.