Skip to content

chore: (dependabot): move back to npm #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 12, 2025
Merged

chore: (dependabot): move back to npm #144

merged 4 commits into from
Jul 12, 2025

Conversation

GalvinPython
Copy link
Owner

Dependabot has issues with bun, so this is moving back to npm. Also

  • Removes me as assignee (codeowners)
  • Updates bun.lock using actions (yay thats back again)
  • Removes labels so that it doesn't break for when I restructure the repo

@GalvinPython
chore(dependabot): move back to npm
b81548c 
also removes me as assignee (codeowners)
@GalvinPython GalvinPython added this to the 2.0.0 milestone Jul 12, 2025
@GalvinPython GalvinPython requested a review from Copilot July 12, 2025 20:23
@GalvinPython GalvinPython self-assigned this Jul 12, 2025
@GalvinPython GalvinPython moved this to In review in Feedr Jul 12, 2025
Copilot
Copilot AI reviewed Jul 12, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Move Dependabot configuration back to npm and add an automated bun.lock update workflow, while removing assignees and labels.

  • Switch Dependabot package-ecosystem from bun to npm for both root and /web
  • Add a new GitHub Actions workflow to keep bun.lock up to date
  • Remove custom assignees and labels in dependabot.yml

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
.github/workflows/dependabot_bun.yml New workflow to install with Bun and commit bun.lock
.github/dependabot.yml Change Dependabot ecosystem to npm and drop assignees/labels
Comments suppressed due to low confidence (2)

.github/workflows/dependabot_bun.yml:20

  • To ensure git pull --rebase works correctly, configure the checkout step with fetch-depth: 0 (e.g., with: fetch-depth: 0).
        uses: actions/checkout@v4

.github/dependabot.yml:2

  • [nitpick] Consider rephrasing or removing informal comments/emojis to maintain a professional tone in configuration files.
# because wow dependabot is so broken for it 😭

@GalvinPython
Copy link
Owner Author

well done me, you just added 3 commits for no reason 👏

@GalvinPython GalvinPython merged commit 8ca3d25 into dev Jul 12, 2025
2 checks passed
@github-project-automation github-project-automation bot moved this from In review to Done in Feedr Jul 12, 2025
@GalvinPython GalvinPython deleted the fix/dependabot branch July 12, 2025 20:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@GalvinPython GalvinPython

Labels
None yet
Projects
Feedr
Status: Done
Milestone
2.0.0
Development

Successfully merging this pull request may close these issues.
1 participant
@GalvinPython