mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-23 01:00:57 -05:00
chore: group dependency updates prs (#6247)
Group dependency update PRs in order to minimize the number of PRs to review.
This commit is contained in:
parent
2a42244b37
commit
fed55ef448
4 changed files with 139 additions and 32 deletions
143
.github/dependabot.yml
vendored
143
.github/dependabot.yml
vendored
|
@ -16,14 +16,56 @@ updates:
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
dev-ci-tools:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- actions/*
|
||||||
|
- akhilerm/tag-push-action
|
||||||
|
- docker/*
|
||||||
|
- googleapis/*
|
||||||
|
- peter-evans/create-issue-from-file
|
||||||
|
|
||||||
- package-ecosystem: "npm"
|
- package-ecosystem: "npm"
|
||||||
commit-message:
|
commit-message:
|
||||||
prefix: "deps(npm)"
|
prefix: "deps(npm)"
|
||||||
directory: "/dependencies"
|
directories:
|
||||||
|
- /dependencies
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
eslint-plugins-configs:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- "eslint-config*"
|
||||||
|
- "eslint-plugin*"
|
||||||
|
next:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- next
|
||||||
|
- next-pwa
|
||||||
|
react:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- "react*"
|
||||||
|
- "@babel/preset-react"
|
||||||
|
- "@react-native/eslint-config"
|
||||||
|
stylelint:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- "stylelint*"
|
||||||
|
textlint:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- "textlint*"
|
||||||
|
typescript:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- "@babel/preset-typescript"
|
||||||
|
- "@typescript-eslint/eslint-plugin"
|
||||||
|
- ts-standard
|
||||||
|
- typescript
|
||||||
|
|
||||||
- package-ecosystem: "bundler"
|
- package-ecosystem: "bundler"
|
||||||
commit-message:
|
commit-message:
|
||||||
|
@ -32,6 +74,11 @@ updates:
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
rubocop:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- "rubocop*"
|
||||||
|
|
||||||
- package-ecosystem: "docker"
|
- package-ecosystem: "docker"
|
||||||
commit-message:
|
commit-message:
|
||||||
|
@ -40,38 +87,86 @@ updates:
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
docker:
|
||||||
|
applies-to: version-updates
|
||||||
|
# We can group all Docker dependencies because they are isolated from
|
||||||
|
# each other
|
||||||
|
patterns:
|
||||||
|
- alpine/helm
|
||||||
|
- alpine/terragrunt
|
||||||
|
- dotenvlinter/dotenv-linter
|
||||||
|
- dotnet/sdk
|
||||||
|
- golang
|
||||||
|
- golangci/golangci-lint
|
||||||
|
- goreleaser/goreleaser
|
||||||
|
- hadolint/hadolint
|
||||||
|
- hashicorp/terraform
|
||||||
|
- kustomize/kustomize
|
||||||
|
- tenable/terrascan
|
||||||
|
- terraform-linters/tflint
|
||||||
|
- yannh/kubeconform
|
||||||
|
- koalaman/shellcheck
|
||||||
|
- mstruebing/editorconfig-checker
|
||||||
|
- mvdan/shfmt
|
||||||
|
- rhysd/actionlint
|
||||||
|
- scalameta/scalafmt
|
||||||
|
- zricethezav/gitleaks
|
||||||
|
- yoheimuta/protolint
|
||||||
|
- clj-kondo/clj-kondo
|
||||||
|
- dart
|
||||||
|
- powershell
|
||||||
|
- composer/composer
|
||||||
|
- python
|
||||||
|
|
||||||
- package-ecosystem: "pip"
|
- package-ecosystem: "pip"
|
||||||
commit-message:
|
commit-message:
|
||||||
prefix: "deps(python)"
|
prefix: "deps(python)"
|
||||||
directory: "/dependencies/python/"
|
directories:
|
||||||
|
- /dependencies/python/
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
pip:
|
||||||
|
applies-to: version-updates
|
||||||
|
# We can group all python dependencies because each uses its own
|
||||||
|
# virtual environments
|
||||||
|
patterns:
|
||||||
|
- ansible-lint
|
||||||
|
- black
|
||||||
|
- cfn-lint
|
||||||
|
- checkov
|
||||||
|
- cpplint
|
||||||
|
- flake8
|
||||||
|
- isort
|
||||||
|
- pyink
|
||||||
|
- pylint
|
||||||
|
- ruff
|
||||||
|
- snakefmt
|
||||||
|
- snakemake
|
||||||
|
- sqlfluff
|
||||||
|
- yamllint
|
||||||
|
|
||||||
- package-ecosystem: "gradle"
|
- package-ecosystem: "gradle"
|
||||||
commit-message:
|
commit-message:
|
||||||
prefix: "deps(java)"
|
prefix: "deps(java)"
|
||||||
directory: "/dependencies/checkstyle"
|
directories:
|
||||||
schedule:
|
- "/dependencies/checkstyle"
|
||||||
interval: "weekly"
|
- "/dependencies/google-java-format"
|
||||||
open-pull-requests-limit: 100
|
- "/dependencies/ktlint"
|
||||||
|
|
||||||
- package-ecosystem: "gradle"
|
|
||||||
commit-message:
|
|
||||||
prefix: "deps(java)"
|
|
||||||
directory: "/dependencies/google-java-format"
|
|
||||||
schedule:
|
|
||||||
interval: "weekly"
|
|
||||||
open-pull-requests-limit: 100
|
|
||||||
|
|
||||||
- package-ecosystem: "gradle"
|
|
||||||
commit-message:
|
|
||||||
prefix: "deps(java)"
|
|
||||||
directory: "/dependencies/ktlint"
|
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
java-gradle:
|
||||||
|
applies-to: version-updates
|
||||||
|
# We can group all Java dependencies because they are isolated from
|
||||||
|
# each other
|
||||||
|
patterns:
|
||||||
|
- "com.google.googlejavaformat:google-java-format"
|
||||||
|
- "com.pinterest.ktlint:ktlint-cli"
|
||||||
|
- "com.puppycrawl.tools:checkstyle"
|
||||||
|
|
||||||
- package-ecosystem: "docker"
|
- package-ecosystem: "docker"
|
||||||
commit-message:
|
commit-message:
|
||||||
|
@ -84,7 +179,8 @@ updates:
|
||||||
- package-ecosystem: "npm"
|
- package-ecosystem: "npm"
|
||||||
commit-message:
|
commit-message:
|
||||||
prefix: "ci(dev-npm)"
|
prefix: "ci(dev-npm)"
|
||||||
directory: "/dev-dependencies"
|
directories:
|
||||||
|
- /dev-dependencies
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
@ -97,3 +193,10 @@ updates:
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
open-pull-requests-limit: 100
|
open-pull-requests-limit: 100
|
||||||
|
groups:
|
||||||
|
composer:
|
||||||
|
applies-to: version-updates
|
||||||
|
patterns:
|
||||||
|
- squizlabs/php_codesniffer
|
||||||
|
- phpstan/phpstan
|
||||||
|
- vimeo/psalm
|
||||||
|
|
3
dependencies/composer/composer.json
vendored
3
dependencies/composer/composer.json
vendored
|
@ -3,6 +3,7 @@
|
||||||
"require": {
|
"require": {
|
||||||
"squizlabs/php_codesniffer": "^3.10.1",
|
"squizlabs/php_codesniffer": "^3.10.1",
|
||||||
"phpstan/phpstan": "^1.11.2",
|
"phpstan/phpstan": "^1.11.2",
|
||||||
"vimeo/psalm": "^5.24.0"
|
"vimeo/psalm": "^5.24.0",
|
||||||
|
"php": "^8.3"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
6
dependencies/composer/composer.lock
generated
vendored
6
dependencies/composer/composer.lock
generated
vendored
|
@ -4,7 +4,7 @@
|
||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "3b4539dab73f09cdc845962c74e8fc33",
|
"content-hash": "83c178db3f6e7f578d7120a28f2453ec",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "amphp/amp",
|
"name": "amphp/amp",
|
||||||
|
@ -2232,7 +2232,9 @@
|
||||||
"stability-flags": [],
|
"stability-flags": [],
|
||||||
"prefer-stable": false,
|
"prefer-stable": false,
|
||||||
"prefer-lowest": false,
|
"prefer-lowest": false,
|
||||||
"platform": [],
|
"platform": {
|
||||||
|
"php": "^8.3"
|
||||||
|
},
|
||||||
"platform-dev": [],
|
"platform-dev": [],
|
||||||
"plugin-api-version": "2.6.0"
|
"plugin-api-version": "2.6.0"
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,6 +46,9 @@ new tool needs in the `PATH`, and the expected version command:
|
||||||
ENV PATH="${PATH}:/venvs/<name-of-tool>/bin"
|
ENV PATH="${PATH}:/venvs/<name-of-tool>/bin"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
1. Add the new dependencies to the `pip` group in the DependaBot
|
||||||
|
configuration file (`.github/dependabot.yaml`).
|
||||||
|
|
||||||
- If there are npm packages, update `dependencies/package.json` and
|
- If there are npm packages, update `dependencies/package.json` and
|
||||||
`dependencies/package-lock.json`. by adding the new packages.
|
`dependencies/package-lock.json`. by adding the new packages.
|
||||||
- If there are Ruby Gems, update `dependencies/Gemfile` and
|
- If there are Ruby Gems, update `dependencies/Gemfile` and
|
||||||
|
@ -73,6 +76,7 @@ new tool needs in the `PATH`, and the expected version command:
|
||||||
|
|
||||||
3. Update the `dependencies` section in
|
3. Update the `dependencies` section in
|
||||||
`dependencies/<name-of-tool>/build.gradle` to install your dependencies.
|
`dependencies/<name-of-tool>/build.gradle` to install your dependencies.
|
||||||
|
|
||||||
4. Add the following content to the `Dockerfile`:
|
4. Add the following content to the `Dockerfile`:
|
||||||
|
|
||||||
```dockerfile
|
```dockerfile
|
||||||
|
@ -91,15 +95,9 @@ new tool needs in the `PATH`, and the expected version command:
|
||||||
)"
|
)"
|
||||||
```
|
```
|
||||||
|
|
||||||
6. Add the new to DependaBot configuration:
|
6. Add the new tool dependencies to the DependaBot configuration in the
|
||||||
|
`directories` list and in the `java-gradle` group of the `gradle` package
|
||||||
```yaml
|
ecosystem.
|
||||||
- package-ecosystem: "gradle"
|
|
||||||
directory: "/dependencies/<name-of-tool>"
|
|
||||||
schedule:
|
|
||||||
interval: "weekly"
|
|
||||||
open-pull-requests-limit: 10
|
|
||||||
```
|
|
||||||
|
|
||||||
- If there is a container (Docker) image:
|
- If there is a container (Docker) image:
|
||||||
|
|
||||||
|
@ -116,6 +114,9 @@ new tool needs in the `PATH`, and the expected version command:
|
||||||
COPY --from=<name-of-tool> /usr/local/bin/<name-of-command> /usr/bin/
|
COPY --from=<name-of-tool> /usr/local/bin/<name-of-command> /usr/bin/
|
||||||
```
|
```
|
||||||
|
|
||||||
|
1. Add the new dependency to the `docker` group in the DependaBot
|
||||||
|
configuration file.
|
||||||
|
|
||||||
## Run the new tool
|
## Run the new tool
|
||||||
|
|
||||||
- Update the orchestration scripts to run the new tool:
|
- Update the orchestration scripts to run the new tool:
|
||||||
|
|
Loading…
Reference in a new issue