Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-22 03:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Align Dependabot PRs with CONTRIBUTING

Browse Source 
Previously Dependabot was setup to submit PRs to every branch.
However, this does not align with the contributing guidelines which
state to only submit a PR on the oldest branch so that merge forward
strategy can be used.

This changes the dependabot configuration to better align with our
contributing guidelines:

- PRs for github actions are submitted against the oldest branch since
  all branches will need updated using a merge forward stategy. Merging a
  github action will require us to merge forward manually and preserve
  the changes in the oldest branch to pickup the github actions update.
- Java dependencieds are submitted against each branch since they will
  need to merge -s ours to preserve the correct major.minor semantics.
  Merging a java dependency will now require us to do the merging manually.
This commit is contained in:
Rob Winch 2025-05-02 14:59:08 -05:00
parent aa338e9b0d
commit 5c92d90e36
No known key found for this signature in database
1 changed files with 0 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
.github/dependabot.yml vendored
View File

@ -86,16 +86,6 @@ updates:
update-types:
- version-update:semver-major
- package-ecosystem: github-actions
target-branch: 6.4.x
directory: /
schedule:
interval: weekly
labels:
- 'type: task'
- 'in: build'
ignore:
- dependency-name: sjohnr/*
- package-ecosystem: github-actions
target-branch: 6.3.x
directory: /
@ -106,14 +96,6 @@ updates:
- 'in: build'
ignore:
- dependency-name: sjohnr/*
- package-ecosystem: github-actions
target-branch: main
directory: /
schedule:
interval: weekly
labels:
- 'type: task'
- 'in: build'
- package-ecosystem: github-actions
target-branch: docs-build
directory: /