Skip to content

Commit

Permalink
deps: ignore dependabot for peer dependencies (jaredpalmer#904)
Browse files Browse the repository at this point in the history 
- several of the dependencies in the tree are only there because they
  are peerDeps, and not because we directly depend on them
  - they should only be upgraded in tandem with the dep(s) they are
    peers of and pretty much never in isolation

- Greenkeeper made several PRs for peers which previously caused an
  erroneous/buggy update of `@types/jest` to 25 many months before Jest
  was upgraded to 25
  - and honestly those Greenkeeper PRs for peers had confused me a
    good deal too
  • Loading branch information
@agilgur5 @paul-vd
agilgur5 authored and paul-vd committed Dec 1, 2020
1 parent d1a3ed3 commit 008b813
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,20 @@ updates:
# only upgrade prod deps (not devDeps)
- dependency-name: '*'
dependency-type: production
ignore:
# ignore eslint-config-react-app's peerDeps
- dependency-name: '@typescript-eslint/eslint-plugin'
- dependency-name: '@typescript-eslint/parser'
- dependency-name: 'babel-eslint'
- dependency-name: 'eslint-plugin-flowtype'
- dependency-name: 'eslint-plugin-import'
- dependency-name: 'eslint-plugin-jsx-a11y'
- dependency-name: 'eslint-plugin-react'
- dependency-name: 'eslint-plugin-react-hooks'
# ignore Jest's "peers" that should be upgraded simultaneously with Jest
- dependency-name: '@types/jest'
- dependency-name: 'jest-watch-typeahead'
- dependency-name: 'ts-jest'
# temporarily disable dep upgrade PRs for / as they're being updated
open-pull-requests-limit: 0

Expand Down

0 comments on commit 008b813

Please sign in to comment.