Show HN: Dependabot – automated dependency updates for Ruby, JavaScript and PHP
A friend and I have spent the last couple of months building Dependabot. We want to make it as useful as possible, so we'd love any feedback - does this match your ideal flow for keeping dependencies up-to-date? If not, what would you like to see us do differently?
Things we'd particularly like guidance on are:
- Is one PR per dependency update the right choice? They're easier to review/merge, but it's nosier than submitting a PR with multiple updates.
- What should we do about sub-dependencies (dependencies of your dependencies)?
- Is the "compatibility score" useful? Is there a way you'd rather see this information? (https://dependabot.com/compatibility-score)
- What additional languages would you like to see?
Any feedback very gratefully received!
0 comments
[ 3.1 ms ] story [ 12.5 ms ] threadNo comments yet.