ci: add workflow that updates dependencies every 6 months#271
ci: add workflow that updates dependencies every 6 months#271leahaeusel wants to merge 1 commit into
Conversation
leahaeusel
force-pushed
the
add-renovate-action
branch
20 times, most recently
from
cb9da0b to
5e56de0
Compare
leahaeusel
force-pushed
the
add-renovate-action
branch
from
5e56de0 to
5ed64f9
Compare
danielwolff1
left a comment
danielwolff1
left a comment
There was a problem hiding this comment.
Thanks for looking into the automatic update of dependencies, I think this will be a huge benefit to the project as a whole! 🙌 🥳
| "extends": ["config:recommended"], | ||
| "packageRules": [ | ||
| { | ||
| "matchManagers": ["pip_requirements", "conda"], |
There was a problem hiding this comment.
Now that we are changing to pixi as dependency manager, do you think we need to rethink the renovate configuration and maybe postpone the feature until #301 is merged? I am not sure if anything will change really, since under the hood we still rely on conda and pip to resolve the packages. What makes me wonder is that with the new configuration we would most likely need to update both the compose.conda-lock.yml and the pixi.lock file. Additionally, now we explicitly list dependency versions inside our pyproject.toml and I assume they would need to be updated as well...? What do you think?
Maybe @sbrandstaeter has a more concrete idea of how applicable this still would be in connection with the new workflow 😄
There was a problem hiding this comment.
Yes, we definitely need to rethink whether we will use renovate or which tool will be best for updating dependencies in the future.
This completely depends on our new dependency management (#301), which makes the current state of this PR obsolete. Sorry for not communicating that in a clearer way besides keeping the PR in draft mode 🙈
There was a problem hiding this comment.
no worries, this was definitely clear, this is completely on me 😬 But good that we clarified it nontheless! 😁
There was a problem hiding this comment.
I have added a list of follow-up points to #301. One of them is automatic updating. There is information on how to do that with pixi (see e.g. updating lockfile)
3 participants
Description and Context:
What and Why?
This PR adds a workflow that automatically generates a PR that updates our dependencies every 6 months. It uses renovate to do this.
Related Issues and Pull Requests
Interested Parties
@maxdinkel