Commits on May 5, 2022

1. Opt-in Dependabot version update configuration …

   The `.github/dependabot.yml` Dependabot configuration file [2] for
   automation version updates [1] that was introduced in GH-52 [3] often
   causes a lot of PR noise and does not really help since updates also
   often require more action than just a bump of the version number itself
   like migration steps or adjustments to changes (e.g. APIs or deprecated
   implementations). Since Dependabot is not able to fulfill this and only
   does a stupid increase of the version number it often creates more work
   than it helps. The result are often hundreds of notifications and more
   digital noise for developers and maintainers without any real benefit
   since version & security updates are done on a regular schedule by
   maintainers who know what they are doing and how modern software should
   be maintained.
   Therefore the `.github/dependabot.yml` file has been renamed to
   `.github/dependabot.tmpl.yml` to disable Dependabot for this repository
   while still allowing repositories that are based on this template
   repository to opt-in.
   
   [1]: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates
   [2]: https://github.com/svengreb/tmpl/blob/32925a1f/.github/dependabot.yml
   [3]: #52
   
   GH-94

   

   svengreb committed May 5, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for 6e52790
   • Browse repository at this point

   Copy the full SHA

   6e52790 View commit details

   Browse the repository at this point in the history