Alejandro Baez<p>I should've known an alternative existed for <a href="https://fosstodon.org/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a>. 😅</p><p><a href="https://fosstodon.org/tags/renovatebot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>renovatebot</span></a> is pretty interesting. You can run fairly quickly. And it supports <a href="https://fosstodon.org/tags/gitea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gitea</span></a> and <a href="https://fosstodon.org/tags/forgejo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>forgejo</span></a>. 😎</p><p><a href="https://github.com/renovatebot/renovate" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/renovatebot/renovat</span><span class="invisible">e</span></a></p>
Recent searches
No recent searches
Search options
Not available on photog.social.
photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto
Please refer to the site rules before posting.
Administered by:
Server stats:
272active users
photog.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#dependabot
0 posts · 0 participants · 0 posts today
Chris is.<p>If you're not following it closely, you might have missed that <a href="https://wandering.shop/tags/uv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>uv</span></a> support in <a href="https://wandering.shop/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a> is now available in beta: <a href="https://github.com/dependabot/dependabot-core/issues/10478#issuecomment-2691330949" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/dependabot/dependab</span><span class="invisible">ot-core/issues/10478#issuecomment-2691330949</span></a></p><p><a href="https://wandering.shop/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a></p>
viq<p>Running <a href="https://social.hackerspace.pl/tags/Authentik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authentik</span></a> with `latest` tag was convenient for <a href="https://social.hackerspace.pl/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a>, but they're moving away from making it possible (edit: from having :latest tag available, nothing else changes). What are the alternatives? Is there maybe something like "<a href="https://social.hackerspace.pl/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a> but for <a href="https://social.hackerspace.pl/tags/kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubernetes</span></a> images"? (I'm currently running on <a href="https://social.hackerspace.pl/tags/podman" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>podman</span></a> on nixos, but I'm considering finally playing with <a href="https://social.hackerspace.pl/tags/k8s" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>k8s</span></a>, and regardless, this should be able to make it so I have proper image on nixos as well, I think)</p>
Alvin Ashcraft 🐿️<p>Using Dependabot to Manage .NET SDK Updates.</p><p><a href="https://buff.ly/3B5F6eD" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">buff.ly/3B5F6eD</span><span class="invisible"></span></a> <br><a href="https://hachyderm.io/tags/dotnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dotnet</span></a> <a href="https://hachyderm.io/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a> <a href="https://hachyderm.io/tags/dependencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependencies</span></a> <a href="https://hachyderm.io/tags/updates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>updates</span></a></p>
Neil Craig<p>If you're seeing Dependabot PRs on Node projects named "Bump find-my-way and fastify" today and were not already on Fastify v5, be aware you'll need to update your Fastify config/usage (see <a href="https://fastify.dev/docs/latest/Guides/Migration-Guide-V5" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fastify.dev/docs/latest/Guides</span><span class="invisible">/Migration-Guide-V5</span></a>).</p><p>The `find-my-way` (indirect for me) update requires Fastify v5 apparently and that broke several projects which weren't on Fastify v5 yet. Luckily (well, intentionally, obv) the breakages were caught by CICD in dev.</p><p><a href="https://mastodon.social/tags/Node" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Node</span></a> <a href="https://mastodon.social/tags/Fastify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fastify</span></a> <a href="https://mastodon.social/tags/FindMyWay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FindMyWay</span></a> <a href="https://mastodon.social/tags/Dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dependabot</span></a></p>
Robert Alexander<p><span class="h-card"><a href="https://urbanists.social/@fancysandwiches" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fancysandwiches</span></a></span> I deployed one recently on <a href="https://indieweb.social/tags/digitalocean" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>digitalocean</span></a> . <a href="https://indieweb.social/tags/traefik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>traefik</span></a> reverse proxy, Django app, postgres. It's running at N=1 scale for the foreseeable future. It's containerized with <a href="https://indieweb.social/tags/docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>docker</span></a> compose. I have a couple GitHub Actions workflows for testing. <a href="https://indieweb.social/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a> keeps the containers updated. Debian unattended-upgrades handles the host.</p><p>I don't autodeploy yet, I'm not pushing updates often enough and it's new enough that I want eyes on. Eventually, that will be a GitHub action too.</p>
Aral Balkan<p>Anyone else getting swarms of email notifications today that Dependabot was enabled on their GitHub repositories?</p><p><a href="https://mastodon.ar.al/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a> <a href="https://mastodon.ar.al/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dependabot</span></a></p>
Marian Steinbach<p>It just occurred to me that using GitHub's <a href="https://gruene.social/tags/dependabot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dependabot</span></a> the way they propose, our waste of compute resources (read: carbon dioxide) in CI will multiply.</p><p>Dependabot opens plenty of PRs. Then when something changes on the base branch, all PRs go through CI again.</p><p>Let's not take compute for granted. We must become smarter about our energy footprint!</p>
SearchLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload