From e733d719730f49a307c6b8204066138a7833836d Mon Sep 17 00:00:00 2001 From: teor Date: Mon, 10 Jul 2023 11:27:14 +1000 Subject: [PATCH] change(devops): Reduce number of dependabot PRs (#7156) * Reduce number of dependabot PRs * Validate dependabot config before merging * Fix indentation * Fix spacing again * Split large group * Expand comments, fix typos Co-authored-by: Marek --------- Co-authored-by: Marek Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- .github/dependabot.yml | 128 +++++++++++++++++++++++++++++++++++-- .github/workflows/lint.yml | 5 +- 2 files changed, 128 insertions(+), 5 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8f810e4b..e5a061c8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -2,21 +2,141 @@ version: 2 updates: - package-ecosystem: cargo directory: '/' + # serde, clap, and other dependencies sometimes have multiple updates in a week schedule: - interval: daily + interval: weekly timezone: America/New_York - open-pull-requests-limit: 10 + # Limit dependabot to 2 PRs per reviewer, but assume one reviewer is busy or away + open-pull-requests-limit: 8 labels: - 'C-trivial' - 'A-rust' - 'A-dependencies' - 'P-Low :snowflake:' + groups: + ecc: + patterns: + # deliberately include zcash_script (even though it is maintained by ZF) + - "zcash_*" + - "orchard" + - "halo2*" + - "incrementalmerkletree" + - "equihash" + # addresses + - "bs58" + - "ripemd" + # groups are limited to 10 items + crypto: + patterns: + - "bellman" + - "redjubjub" + - "reddsa" + - "jubjub" + - "group" + - "bls12_381" + - "blake*" + - "secp256k1" + - "sha2" + ed25519-zebra: + patterns: + - "ed25519*" + - "curve25519*" + - "x25519*" + tokio: + patterns: + - "tokio*" + - "console-subscriber" + tower: + patterns: + - "tower*" + dirs: + patterns: + - "dirs*" + - "directories*" + - "tempfile" + grpc: + patterns: + - "prost*" + - "tonic*" + vergen: + patterns: + - "vergen" + - "git*" + - "libgit*" + http: + patterns: + - "hyper*" + - "h2" + - "reqwest" + tracing: + patterns: + - "tracing*" + - "log" + error: + patterns: + - "*eyre*" + - "thiserror" + - "displaydoc" + - "spandoc" + - "owo-colors" + once-cell: + patterns: + - "once_cell" + - "lazy_static" + progress-bar: + patterns: + - "indicatif" + - "howudoin" + time: + patterns: + - "chrono*" + - "time*" + - "humantime*" + cli: + patterns: + - "abscissa*" + - "structopt*" + - "clap*" + - "atty*" + flamegraph: + patterns: + - "tracing-flame" + - "inferno" + serde: + patterns: + - "serde*" + futures: + patterns: + - "futures*" + sentry: + patterns: + - "sentry*" + metrics: + patterns: + - "metrics*" + bitflags: + patterns: + - "bitflags*" + jsonrpc: + patterns: + - "jsonrpc*" + - "serde_json" + rand: + patterns: + - "rand*" + pin-project: + patterns: + - "pin-project*" + proptest: + patterns: + - "proptest*" - package-ecosystem: github-actions directory: '/' schedule: - interval: daily + # tj-actions/changed-files often updates daily, which is too much for us + interval: weekly timezone: America/New_York - open-pull-requests-limit: 10 + open-pull-requests-limit: 6 labels: - 'C-trivial' - 'A-devops' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 02c5e08b..c75280be 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -178,10 +178,13 @@ jobs: if: ${{ needs.changed-files.outputs.workflows == 'true' }} steps: - uses: actions/checkout@v3.5.3 - - uses: reviewdog/action-actionlint@v1.37.1 + - name: actionlint + uses: reviewdog/action-actionlint@v1.37.1 with: level: warning fail_on_error: false + - name: validate-dependabot + uses: marocchino/validate-dependabot@v2.1.0 codespell: runs-on: ubuntu-latest