Skip to content

MPT-16564 Setup dependabot #177

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
albertsola merged 1 commit into from
Jan 5, 2026
Merged

MPT-16564 Setup dependabot #177

albertsola merged 1 commit into from
Jan 5, 2026

Conversation

@albertsola
Copy link
Contributor

@albertsola albertsola commented Dec 31, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Configured automated dependency management via Dependabot: Python dependencies update weekly (Mondays 08:00 UTC) with separate production/development groups, and Docker plus GitHub Actions updated monthly (08:00 UTC).
    • Pull requests will use scoped commit messages prefixed with "deps" and are limited to five open PRs per ecosystem to manage update volume.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Dec 31, 2025
edited
Loading

📝 Walkthrough

Walkthrough

A Dependabot configuration file is added to automate dependency updates across three package ecosystems: uv packages (weekly), Docker images (monthly), and GitHub Actions (monthly), with shared commit message prefixes and open PR limits.

Changes

Cohort / File(s) Change Summary
Dependabot Configuration
.github/dependabot.yml		 New file adds automated dependency update schedules for uv packages with separate production/development groups (weekly), Docker images (monthly), and GitHub Actions (monthly); all configured with "deps" commit prefix, 5 PR limit, and UTC scheduling.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

🐰 A config so neat, from the warren I wrote,
Dependencies dance to automation's sweet note,
Each Monday and month, the updates arrive,
Keeping the code fresh and projects alive!

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly describes the main change: setting up Dependabot configuration for automated dependency management.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch setup/dependabot
📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3f0c4e7 and 8ccde46.

📒 Files selected for processing (1)
  • .github/dependabot.yml
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/dependabot.yml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: build

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link

github-actions bot commented Dec 31, 2025
edited by atlassian bot
Loading

Warnings
⚠️

This PR modifies code (1 file(s)) but does not include any changes in the tests/ folder.

Please consider adding or updating tests to cover your changes.

✅ Found Jira issue key in the title: MPT-16564

Generated by 🚫 dangerJS against 8ccde46

@albertsola albertsola changed the title Setup dependabot MPT-16564 Setup dependabot Jan 5, 2026
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 5, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@albertsola albertsola merged commit ea1b152 into main Jan 5, 2026
6 checks passed
@albertsola albertsola deleted the setup/dependabot branch January 5, 2026 08:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@d3rky d3rky d3rky approved these changes

@svazquezco svazquezco svazquezco approved these changes

@ruben-sebrango ruben-sebrango Awaiting requested review from ruben-sebrango

@jentyk jentyk Awaiting requested review from jentyk

@robcsegal robcsegal Awaiting requested review from robcsegal

@alephsur alephsur Awaiting requested review from alephsur

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@albertsola @d3rky @svazquezco