gitlord
/
synapse
miroir de https://github.com/matrix-org/synapse.git
1
0
Bifurcation 0
Code Tickets 0 Versions 671 Wiki Activité
Parcourir la source

Document how to handle Dependabot pull requests. (#14916)

tags/v1.77.0rc1
Patrick Cloke il y a 1 an
committed by GitHub
Parent
836c592f15
révision
8bc5d1406c
Aucune clé connue n'a été trouvée dans la base pour cette signature ID de la clé GPG: 4AEE18F83AFDEB23
2 fichiers modifiés avec 15 ajouts et 0 suppressions
Vue séparée
Option de Diff
Voir les Statistiques Télécharger le Fichier Patch Télécharger le Fichier des Différences
  1. +1
    -0
      changelog.d/14916.misc
  2. +14
    -0
      docs/development/dependencies.md

+ 1
- 0
changelog.d/14916.misc Voir le fichier

@@ -0,0 +1 @@
Document how to handle Dependabot pull requests.

+ 14
- 0
docs/development/dependencies.md Voir le fichier

@@ -258,6 +258,20 @@ because [`build`](https://github.com/pypa/build) is a standardish tool which
doesn't require poetry. (It's what we use in CI too). However, you could try
`poetry build` too.

## ...handle a Dependabot pull request?

Synapse uses Dependabot to keep the `poetry.lock` file up-to-date. When it
creates a pull request a GitHub Action will run to automatically create a changelog
file. Ensure that:

* the lockfile changes look reasonable;
* the upstream changelog file (linked in the description) doesn't include any
breaking changes;
* continuous integration passes (due to permissions, the GitHub Actions run on
the changelog commit will fail, look at the initial commit of the pull request);

In particular, any updates to the type hints (usually packages which start with `types-`)
should be safe to merge if linting passes.

# Troubleshooting



Écrire Aperçu
Chargement…
Annuler
Enregistrer