Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(ci): add aws-sdk group and ignore middy upgrades in examples #1893

Merged
merged 3 commits into from
Jan 11, 2024
Merged

chore(ci): add aws-sdk group and ignore middy upgrades in examples #1893

merged 3 commits into from
Jan 11, 2024

Conversation

am29d
Copy link
Contributor

@am29d am29d commented Jan 11, 2024

Description of your changes

This PR adds @aws-sdk group to the root level dependabot updates. I have additional moved the ignore block for @middy/core to example specific folders.

Related issues, RFCs

Issue number: closes #1883

Checklist

  • My changes meet the tenets criteria
  • I have performed a self-review of my own code
  • I have commented my code where necessary, particularly in areas that should be flagged with a TODO, or hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my change is effective and works
  • The PR title follows the conventional commit semantics

Breaking change checklist

Is it a breaking change?: NO

  • I have documented the migration process
  • I have added, implemented necessary warnings (if it can live side by side)

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@am29d am29d requested a review from a team as a code owner January 11, 2024 15:59
@pull-request-size pull-request-size bot added the size/S PR between 10-29 LOC label Jan 11, 2024
@am29d am29d self-assigned this Jan 11, 2024
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

heitorlessa
heitorlessa approved these changes Jan 11, 2024
View reviewed changes
Copy link
Contributor

@heitorlessa heitorlessa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I wonder if dependabot is smart enough to consider recursive rules like… a middy major version ignore for all of them.

@am29d
Copy link
Contributor Author

am29d commented Jan 11, 2024

We did not have ignore block yesterday and we had the same behaviour: no upgrades for root, but upgrades for examples projects. The default versioning-strategy is set to auto which tries to guess if it should upgrade or not, and also ignore the package.json version cap.

auto | Try to differentiate between apps and libraries. Use increase for apps and widen for libraries.

My assumption is that dependabot treats examples as app and tries to widen the version. See more under versioning-strategy docs

@am29d am29d merged commit 82c21fa into main Jan 11, 2024
12 checks passed
@am29d am29d deleted the chore/1883-dependabot-add-groups branch January 11, 2024 16:15
dreamorosi pushed a commit that referenced this pull request Jan 27, 2024
@am29d @dreamorosi
chore(ci): add aws-sdk group and ignore middy upgrades in examples (#…
e2bc968 
…1893)

* ignore @middy/core major version update on specific proejcts

* add @AWS-SDK group at the top level

* remove aws-sdk from the wrong block
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@heitorlessa heitorlessa heitorlessa approved these changes

Assignees

@am29d am29d

Labels
size/S PR between 10-29 LOC
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Maintenance: add groups for Dependabot
2 participants
@am29d @heitorlessa