Set up dependabot#246
Conversation
mskacelik
left a comment
mskacelik
left a comment
There was a problem hiding this comment.
Since you are using groups, I am wondering if you could also "group" up maven plugins:
- "org.apache.maven.plugins:*"
- "net.revelc.code.formatter:*"
- "org.wildfly.checkstyle:*"
and the GitHub actions stuff.
| patterns: | ||
| - "io.quarkus*" | ||
| - "io.quarkiverse*" | ||
| testing: |
There was a problem hiding this comment.
I am not sure if this group is needed (testing), since these testing dependencies are dependent on the Quarkus version. Check the pom.xml: there is no dependency on JUnit, Mockito or RestAssured, only via Quarkus' dependencies => junit upgrades only when quarkus upgrades via Quarkus' bom.
Not to mention, as far as I know, we do not use RestAssured at all.
There was a problem hiding this comment.
You are right. I forgot to remove that. Thanks for checking
|
I updated the groups. I think that grouping actions is not worth it. Its rarely updated, I even thought about removing them from the config. |
mskacelik
left a comment
mskacelik
left a comment
There was a problem hiding this comment.
LGTM
Regarding the actions, fair enough, but I still think they should still be updated, I remember that in one of the SmallRye projects there was outdated setup-java and it broke the CI.
2 participants
fixes #244