Skip to content

ci: allow Dependabot to group updates across ecosystems #856

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jul 14, 2025
Merged

ci: allow Dependabot to group updates across ecosystems #856

merged 6 commits into from
Jul 14, 2025

Conversation

triceo
Copy link
Collaborator

@triceo triceo commented Jul 14, 2025

Description of the change

Description here

Checklist

Development

  • The changes have been covered with tests, if necessary.
  • You have a green build, with the exception of the flaky tests.
  • UI and JS files are fully tested, the user interface works for all modules affected by your changes (e.g., solve and analyze buttons).
  • The network calls work for all modules affected by your changes (e.g., solving a problem).
  • The console messages are validated for all modules affected by your changes.

Code Review

  • This pull request includes an explanatory title and description.
  • The GitHub issue is linked.
  • At least one other engineer has approved the changes.
  • After PR is merged, inform the reporter.

@triceo triceo requested a review from Copilot July 14, 2025 06:02
Copilot

This comment was marked as outdated.

Sign in to view

@triceo triceo requested a review from Copilot July 14, 2025 06:17
Copilot

This comment was marked as outdated.

Sign in to view

@triceo triceo changed the title ci: allow Dependabot access to Timefold enterprise repo ci: allow Dependabot to group updates across ecosystems Jul 14, 2025
@triceo triceo requested a review from Copilot July 14, 2025 06:19
Copilot
Copilot AI reviewed Jul 14, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR reconfigures Dependabot to use a multi-ecosystem group for Maven, Gradle, and GitHub Actions updates and centralizes registry settings.

  • Adds a custom Maven Artifactory registry under registries
  • Defines a multi-ecosystem-groups.quickstarts block to group all updates
  • Updates individual updates entries to reference the quickstarts group
Comments suppressed due to low confidence (2)

.github/dependabot.yml:11

  • The quickstarts group currently only specifies schedule; it lacks a target-branch: "development" setting, so Dependabot will open PRs against the default branch instead of development.
  quickstarts:

.github/dependabot.yml:21

  • The registries field should be a list rather than a string. Use registries: ["*"] to allow matching multiple registries.
    registries: "*"

@triceo triceo merged commit 8a94af7 into development Jul 14, 2025
52 of 53 checks passed
@triceo triceo deleted the triceo-patch-1 branch July 14, 2025 07:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@triceo