Comments (5)
Thanks for getting in touch. I'm keen to do something about this - it's next on my list.
In particular, when there are updates that need to be done together I'd like to bundle them into a single PR. We already do that for Ruby and Java, and I don't see any reason why we shouldn't for JS when all of your Angular / React packages are updated in lock-step.
from dependabot-core.
We're regularly spammed by @material-ui
, @babel
, @storybook
, @accounts
, ... would <3 to see any movement here.
from dependabot-core.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs within seven days. Thank you for your contributions.
from dependabot-core.
Duplicate of #1296
from dependabot-core.
Temp re-opening so I can close as "dupe" rather than "resolved" for clarity while skimming issue links.
from dependabot-core.
Related Issues (20)
- Error when updating NuGet packages from Public and Private Feed HOT 8
- Dependabot sometimes only edits package-lock.json, not package.json
- Composer version constraints ignored
- Unhandled exception: No dotnet-tools.json files found HOT 1
- Support custom docker tag pattern and git tag in dependabot
- `dependabot-action` fails while trying to update an ignored dependency as part of security alerts
- Dependabot not finding all instances of package upgrades in .NET solution HOT 4
- Dependabot does not recognize SemVer v2 versions with build metadata
- Dependabot terraform - add support for updating required_version HOT 1
- Support bearer token authentication with private composer repository
- Wrong python version detection HOT 2
- Nuget from private ProGet feed: found dependencies to update but Package.csproj restore fails HOT 4
- NETSDK1083 error when using .NET 8
- Dependabot doesn't update dependency in `pyproject.toml` if it already satisfies the requirement
- Bundler updates pausing for 3-5m on each dependency update HOT 5
- Restore needs to be run before attempting to update `packages.config`
- Dependabot::Sorbet::Runtime::InformationalError: Parameter 'url': Expected type String, got type NilClass
- Says no update needed for private npm package even though new patch version available
- Some packages finish with unknown error, both self-hosted or public packages HOT 3
- Support auth.json for private composer repository
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dependabot-core.