CI: trigger lockfile CI automatically on dependabot PRs#3646
CI: trigger lockfile CI automatically on dependabot PRs#3646superlopuh merged 13 commits intomainfrom
Conversation
Bumps [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) from 0.24.0 to 0.25.0. - [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases) - [Commits](pytest-dev/pytest-asyncio@v0.24.0...v0.25.0) --- updated-dependencies: - dependency-name: pytest-asyncio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #3646 +/- ##
==========================================
+ Coverage 91.30% 91.31% +0.01%
==========================================
Files 466 467 +1
Lines 58375 58531 +156
Branches 5626 5643 +17
==========================================
+ Hits 53297 53449 +152
- Misses 3630 3632 +2
- Partials 1448 1450 +2 ☔ View full report in Codecov by Sentry. |
|
please update lockfile |
1 similar comment
|
please update lockfile |
|
please update lockfile |
…#3647) I tested it [here](#3646) and it works if you do the dumb thing and trigger on push, but it seems to not run actions on unsigned commits by default. I'm hoping that if we trigger the action manually it'll inherit the clicker's permissions and re-run the action. In either case, I think whatever we adopt should supercede the cron job one as we want to never be out of sync between the pyproject and lockfile.
superlopuh
changed the title
superlopuh
requested review from
EdmundGoodman,
alexarice,
compor,
math-fehr and
webmiche
alexarice
left a comment
alexarice
left a comment
There was a problem hiding this comment.
13 commits, 3 lines changed
compor
left a comment
compor
left a comment
There was a problem hiding this comment.
So we'll have to close and open dependabot PRs to have this triggered?
|
The lockfile update should hopefully trigger automatically, but you'll have to reopen to get the normal ci to trigger on the commit that the update-lockfile-bot makes |
EdmundGoodman
left a comment
EdmundGoodman
left a comment
There was a problem hiding this comment.
lgtm - is there a place we should document the process for what needs to happen with dependabot PRs, or can we just leave it as institutional knowledge and hope dependabot supports uv soon?
This is a great point - maybe a section "For maintainers" in the README? Or an open issue to track this and the workaround? |
|
IDK, uv is now used by 13% of PyPI packages, I assume it's going to be fixed soon enough that just telling people what to do should be OK |
4 participants
No description provided.