Address dependabot missing peer dependency updates #208
Labels
flag:schedule
Flag issue that should go on the roadmap or backlog.
phase:research
involves researching information on a topic rather than implementing specific feature.
Comments
rmanaem
added
flag:schedule
|
There is a setting for "grouped updates": https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#groups-- I'm not sure if that solves all our problems, but let's try it out. I have enabled it on the query tool and it seems to group some related things like here: neurobagel/query-tool#408 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It seems dependabot addresses dependencies bumps in isolation when it comes to certain packages (e.g., vitest) and doesn't bump their peer dependencies, leading to the
npm installcommand used in various workflows to break. Since we like the automated process of dependency bumps and would like to avoid the hassle of bumping peer dependencies manually ourselves, we have two options to address this:The text was updated successfully, but these errors were encountered: