Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only specify major version of codecov-action #30

Merged
merged 1 commit into from
Mar 4, 2024
Merged

Only specify major version of codecov-action #30

merged 1 commit into from
Mar 4, 2024

Conversation

gregcorbett
Copy link
Member

  • always give us the latest version of the action in the relevant major series
  • reduce the number of dependabot PRs to review
  • bring consistency with the other actions in this file

@gregcorbett
Only specify major version of codecov-action
6fbfc05 
- always give us the latest version of the action in the
  relevant major series
- reduce the number of dependabot PRs to review
- brings consistency with the other actions in this file
@gregcorbett gregcorbett requested a review from a team March 4, 2024 10:49
@gregcorbett gregcorbett self-assigned this Mar 4, 2024
@gregcorbett gregcorbett marked this pull request as ready for review March 4, 2024 11:02
@tofu-rocketry
Copy link
Member 

* reduce the number of dependabot PRs to review

That works? You got any reference material on that?

@gregcorbett
Copy link
Member Author

That works? You got any reference material on that?

Only anecdotally, you can compare the PRs on this repo with the PRs against the codebase repo for GOCDB, where this change is already in effect.

And this Actions run shows the latest v3 (3.1.6 at the time) being pulled in (This doesn't some obvious now, a fact I attribute to the fact codecov is failing silently).

@tofu-rocketry
Copy link
Member

Annoying that it's not documented. There's some references to how dependabot does some stuff in relation to Semantic Versioning (SemVer), but nothing explicit. e.g. https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates#about-dependabot-version-updates

@gregcorbett gregcorbett merged commit 27c3246 into GOCDB:main Mar 4, 2024
4 checks passed
@gregcorbett gregcorbett deleted the codecov-action-specify-major branch March 4, 2024 16:01
@tofu-rocketry tofu-rocketry mentioned this pull request Mar 8, 2024
Merged
@tofu-rocketry
Copy link
Member

Some evidence. Got dependabot to close this PR itself after I changed the dependency to major.minor from major.minor.patch apel/apel#349

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tofu-rocketry tofu-rocketry tofu-rocketry approved these changes

Assignees

@gregcorbett gregcorbett

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gregcorbett @tofu-rocketry