dandri/synapse
1
0
Fork 0
mirror of https://github.com/element-hq/synapse.git synced 2026-05-15 05:55:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
25,732 Commits 1,110 Branches 829 Tags
dependabot/pip/gitpython-3.1.50
Commit Graph

7 Commits

Author SHA1 Message Date
Olivier 'reivilibre c376cdd2ee Configure Dependabot to only update Python dependencies in the lockfile. (#19743) 
See:
- https://github.com/element-hq/synapse/pull/19742
- https://github.com/element-hq/synapse/pull/19686

(etc)

Documentation
https://docs.github.com/en/code-security/reference/supply-chain-security/dependabot-options-reference#versioning-strategy--

We were considering `lockfile-only` but it sounds like
`increase-if-necessary` would increase the upper bound for us, if we had
one. Let's try it.

---------

Signed-off-by: Olivier 'reivilibre <oliverw@matrix.org>
 2026-04-29 18:17:53 +01:00
Andrew Morgan a096fba969 Group non-breaking dependabot PRs together to reduce review load (#18402) 2025-12-05 10:48:01 +00:00
Andrew Morgan 3d28e2213f Dependabot: allow 10 open PRs for general updates (#19253) 2025-12-02 16:45:54 +00:00
Andrew Morgan ffd0b4c079 Add a 14-day cooldown for dependency updates (#19258) 2025-12-02 16:45:28 +00:00
Erik Johnston 6816300588 Make Dependabot only bump Rust deps in the lock file (#14434) 
This is to help downstream packagers.
 2022-11-14 14:45:17 +00:00
Erik Johnston 17c031b251 Enable dependabot for Rust dependencies (#14132) 2022-10-11 12:26:40 +01:00
Richard van der Hoff b2aadd81a8 Enable dependabot updates (#13976) 
Fixes https://github.com/matrix-org/synapse/issues/11828
 2022-09-30 14:28:34 +01:00