Skip to content

Ignore sphinx minor versions for dependabot#41

Merged
ejfine merged 2 commits intomainfrom
ignore-sp
May 9, 2025
Merged

Ignore sphinx minor versions for dependabot#41
ejfine merged 2 commits intomainfrom
ignore-sp

Conversation

@ejfine
Copy link
Contributor

@ejfine ejfine commented May 9, 2025

Why is this change necessary?

dependabot was updating sphinx

How does this change address the issue?

stops it

What side effects does this change have?

N/A

How is this change tested?

isn't

@ejfine ejfine requested a review from Copilot May 9, 2025 18:01
@ejfine ejfine self-assigned this May 9, 2025
Copilot AI reviewed May 9, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR aims to prevent dependabot from automatically updating sphinx to newer minor versions.

  • Adds a rule for dependencies matching "sphinx*".
  • Specifies update types for sphinx to restrict version changes.

template/.github/dependabot.yml.jinja
- "version-update:semver-patch"
- dependency-name: "sphinx*" # read-the-docs uses specific versions of sphinx, so we generally want to stay tightly pinned unless there's a major version change
update-types:
- "version-update:semver-minor"
Copy link

Copilot AI May 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The update type 'version-update:semver-minor' contradicts the intended behavior described in the PR title and comment. Consider using a setting that prevents minor updates to ensure sphinx remains tightly pinned.

Suggested change
- "version-update:semver-minor"
- "version-update:semver-patch"

Copilot uses AI. Check for mistakes.
@ejfine ejfine requested a review from Copilot May 9, 2025 18:05
Copilot AI reviewed May 9, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR aims to prevent dependabot from updating "sphinx" dependencies beyond patch updates. Key changes include adding a new dependency rule for "sphinx*" and specifying allowed update types.

template/.github/dependabot.yml.jinja
- "version-update:semver-patch"
- dependency-name: "sphinx*" # read-the-docs uses specific versions of sphinx, so we generally want to stay tightly pinned unless there's a major version change
update-types:
- "version-update:semver-minor"
Copy link

Copilot AI May 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR title indicates that sphinx minor versions should be ignored, but the configuration currently allows semver minor updates. Consider removing or revising the 'version-update:semver-minor' entry to ensure the behavior matches the intended limitation.

Suggested change
- "version-update:semver-minor"

Copilot uses AI. Check for mistakes.
@ejfine ejfine merged commit 277f4c4 into main May 9, 2025
9 checks passed
@ejfine ejfine deleted the ignore-sp branch May 9, 2025 18:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@ejfine ejfine

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ejfine