[core] Introduce dependabot #16679

eps1lon · 2019-07-22T12:29:11Z

Updates were filed by https://dependabot.com/ which was recently acquired by GitHub and is free of charge.

On a configured schedule (live, daily, weekly) it files pull request for each dependency update. One PR per change is good because it helps isolating and fixing breaking changes. Examples:

I would propose enabling it for the main repo so that I don't have to batch and file changes to get access to CI. This is really time consuming. If it creates too much noise we can just disable it. It doesn't get easier than this.

Control happens via comments towards the bot e.g. @dependabot ignore this minor. This can be helpful if a package accidentally introduced breaking changes or we were using it in an unofficial way. We can shut down dependabot until such a dependency introduces interesting features/fixes that we really want to included and fixing breaking changes becomes valueable.

The overall goal is to reduce maintenance burden which is (IMO) mainly achieved by:

filing these PRs automatically (no need to watch for releases and manually creating a PR).
including changelog, commits etc in the PR (no need to search for what actually changed)
compatibility score on each PR (gets better the more repos adopt dependabot)
@dependabot merge command (merges as soon as CI is green): especially helpful for dependencies that are well covered by CI (e.g. test utils)

TODO:

enable
configure (target master and change to weekly preferably a monday since we usually release on the weekend)

used the following config

deferred bumps:

prettier (adds trailing commas that are not allowed in typescript)
raw-loader (uses es6 module semantics)
tslint (we just have this in the package.json for completeness; we want the version dtslint is using)
babel-plugin-preval (3.x has breaking change)

mui-pr-bot · 2019-07-22T12:36:47Z

Details of bundle changes.

Comparing: fd24690...2a30d22

bundle	parsed diff	gzip diff	prev parsed	current parsed	prev gzip	current gzip
@material-ui/core	+0.02% 🔺	-0.03%	327,046	327,115	90,280	90,251
@material-ui/core/Paper	+0.06% 🔺	-0.02%	68,161	68,203	20,407	20,402
@material-ui/core/Paper.esm	+0.04% 🔺	+0.02% 🔺	61,960	61,982	19,210	19,214
@material-ui/core/Popper	0.00%	0.00%	28,957	28,957	10,426	10,426
@material-ui/core/Textarea	0.00%	0.00%	5,538	5,538	2,369	2,369
@material-ui/core/TrapFocus	0.00%	0.00%	3,808	3,808	1,600	1,600
@material-ui/core/styles/createMuiTheme	0.00%	0.00%	16,155	16,155	5,812	5,812
@material-ui/core/useMediaQuery	0.00%	0.00%	3,098	3,098	1,315	1,315
@material-ui/lab	+0.02% 🔺	0.00%	141,883	141,905	43,669	43,671
@material-ui/styles	+0.08% 🔺	-0.01%	51,577	51,619	15,404	15,403
@material-ui/system	0.00%	0.00%	15,570	15,570	4,436	4,436
Button	+0.03% 🔺	0.00%	79,771	79,793	24,357	24,357
Modal	0.00%	0.00%	14,631	14,631	5,225	5,225
Portal	0.00%	0.00%	3,484	3,484	1,565	1,565
Rating	+0.03% 🔺	+0.04% 🔺	70,524	70,546	22,086	22,094
Slider	+0.03% 🔺	+0.01% 🔺	75,295	75,317	23,337	23,339
colorManipulator	0.00%	0.00%	3,904	3,904	1,543	1,543
docs.landing	+0.01% 🔺	+0.03% 🔺	51,322	51,328	13,565	13,569
docs.main	+0.42% 🔺	+0.45% 🔺	580,922	583,358	190,591	191,446
packages/material-ui/build/umd/material-ui.production.min.js	0.00%	0.00%	301,450	301,450	86,668	86,668
docs: /	0.00%	0.00%	55,300	55,300	-1	-1
docs: /_app	0.00%	0.00%	136,000	136,000	-1	-1
docs: /_error	0.00%	0.00%	2,110	2,110	-1	-1
docs: /blog/2019-developer-survey-results	0.00%	0.00%	13,600	13,600	-1	-1
docs: /blog/april-2019-update	0.00%	0.00%	4,620	4,620	-1	-1
docs: /blog/june-2019-update	0.00%	0.00%	2,200	2,200	-1	-1
docs: /blog/march-2019-update	0.00%	0.00%	3,180	3,180	-1	-1
docs: /blog/material-ui-v4-is-out	0.00%	0.00%	22,600	22,600	-1	-1
docs: /blog/may-2019-update	0.00%	0.00%	2,750	2,750	-1	-1
docs: /components/about-the-lab	0.00%	0.00%	6,370	6,370	-1	-1
docs: /components/app-bar	0.00%	0.00%	132,000	132,000	-1	-1
docs: /components/autocomplete	-6.89%	0.00%	305,000	284,000	-1	-1
docs: /components/avatars	0.00%	0.00%	26,600	26,600	-1	-1
docs: /components/badges	0.00%	0.00%	60,600	60,600	-1	-1
docs: /components/bottom-navigation	0.00%	0.00%	26,900	26,900	-1	-1
docs: /components/box	0.00%	0.00%	32,800	32,800	-1	-1
docs: /components/breadcrumbs	-1.42%	0.00%	98,800	97,400	-1	-1
docs: /components/buttons	-0.43%	0.00%	233,000	232,000	-1	-1
docs: /components/cards	0.00%	0.00%	72,400	72,400	-1	-1
docs: /components/checkboxes	0.00%	0.00%	65,100	65,100	-1	-1
docs: /components/chips	0.00%	0.00%	114,000	114,000	-1	-1
docs: /components/click-away-listener	0.00%	0.00%	13,300	13,300	-1	-1
docs: /components/container	0.00%	0.00%	13,300	13,300	-1	-1
docs: /components/css-baseline	0.00%	0.00%	20,100	20,100	-1	-1
docs: /components/dialogs	0.00%	0.00%	220,000	220,000	-1	-1
docs: /components/dividers	0.00%	0.00%	50,500	50,500	-1	-1
docs: /components/drawers	0.00%	0.00%	225,000	225,000	-1	-1
docs: /components/expansion-panels	0.00%	0.00%	83,700	83,700	-1	-1
docs: /components/grid	0.00%	0.00%	152,000	152,000	-1	-1
docs: /components/grid-list	0.00%	0.00%	56,800	56,800	-1	-1
docs: /components/hidden	0.00%	0.00%	54,700	54,700	-1	-1
docs: /components/icons	0.00%	0.00%	145,000	145,000	-1	-1
docs: /components/links	-2.70%	0.00%	51,900	50,500	-1	-1
docs: /components/lists	+0.65% 🔺	0.00%	155,000	156,000	-1	-1
docs: /components/menus	+1.02% 🔺	0.00%	88,500	89,400	-1	-1
docs: /components/modal	0.00%	0.00%	37,300	37,300	-1	-1
docs: /components/no-ssr	0.00%	0.00%	15,800	15,800	-1	-1
docs: /components/paper	0.00%	0.00%	9,510	9,510	-1	-1
docs: /components/pickers	+1.60% 🔺	0.00%	188,000	191,000	-1	-1
docs: /components/popover	+1.18% 🔺	0.00%	67,800	68,600	-1	-1
docs: /components/popper	+0.88% 🔺	0.00%	113,000	114,000	-1	-1
docs: /components/portal	0.00%	0.00%	12,100	12,100	-1	-1
docs: /components/progress	0.00%	0.00%	102,000	102,000	-1	-1
docs: /components/radio-buttons	0.00%	0.00%	57,800	57,800	-1	-1
docs: /components/rating	0.00%	0.00%	49,800	49,800	-1	-1
docs: /components/selects	0.00%	0.00%	163,000	163,000	-1	-1
docs: /components/slider	0.00%	0.00%	78,900	78,900	-1	-1
docs: /components/snackbars	0.00%	0.00%	117,000	117,000	-1	-1
docs: /components/speed-dial	0.00%	0.00%	53,500	53,500	-1	-1
docs: /components/steppers	0.00%	0.00%	207,000	207,000	-1	-1
docs: /components/switches	0.00%	0.00%	72,900	72,900	-1	-1
docs: /components/tables	+1.50% 🔺	0.00%	731,000	742,000	-1	-1
docs: /components/tabs	0.00%	0.00%	166,000	166,000	-1	-1
docs: /components/text-fields	0.00%	0.00%	303,000	303,000	-1	-1
docs: /components/textarea-autosize	0.00%	0.00%	9,750	9,750	-1	-1
docs: /components/toggle-button	0.00%	0.00%	21,800	21,800	-1	-1
docs: /components/tooltips	0.00%	0.00%	94,500	94,500	-1	-1
docs: /components/transfer-list	0.00%	0.00%	47,800	47,800	-1	-1
docs: /components/transitions	0.00%	0.00%	58,000	58,000	-1	-1
docs: /components/typography	0.00%	0.00%	38,800	38,800	-1	-1
docs: /components/use-media-query	0.00%	0.00%	60,600	60,600	-1	-1
docs: /customization/breakpoints	0.00%	0.00%	80,500	80,500	-1	-1
docs: /customization/color	0.00%	0.00%	97,700	97,700	-1	-1
docs: /customization/components	0.00%	0.00%	164,000	164,000	-1	-1
docs: /customization/default-theme	-26.68%	0.00%	75,700	55,500	-1	-1
docs: /customization/density	0.00%	0.00%	39,300	39,300	-1	-1
docs: /customization/globals	0.00%	0.00%	19,800	19,800	-1	-1
docs: /customization/palette	0.00%	0.00%	57,500	57,500	-1	-1
docs: /customization/spacing	0.00%	0.00%	12,600	12,600	-1	-1
docs: /customization/themes	0.00%	0.00%	61,400	61,400	-1	-1
docs: /customization/typography	-0.93%	0.00%	431,000	427,000	-1	-1
docs: /customization/z-index	0.00%	0.00%	9,730	9,730	-1	-1
docs: /discover-more/backers	0.00%	0.00%	6,840	6,840	-1	-1
docs: /discover-more/changelog	0.00%	0.00%	3,560	3,560	-1	-1
docs: /discover-more/community	0.00%	0.00%	5,440	5,440	-1	-1
docs: /discover-more/governance	0.00%	0.00%	6,800	6,800	-1	-1
docs: /discover-more/languages	0.00%	0.00%	10,100	10,100	-1	-1
docs: /discover-more/related-projects	0.00%	0.00%	18,800	18,800	-1	-1
docs: /discover-more/roadmap	0.00%	0.00%	6,610	6,610	-1	-1
docs: /discover-more/showcase	0.00%	0.00%	70,300	70,300	-1	-1
docs: /discover-more/team	0.00%	0.00%	21,800	21,800	-1	-1
docs: /discover-more/vision	0.00%	0.00%	19,100	19,100	-1	-1
docs: /getting-started/example-projects	0.00%	0.00%	24,000	24,000	-1	-1
docs: /getting-started/faq	0.00%	0.00%	154,000	154,000	-1	-1
docs: /getting-started/installation	0.00%	0.00%	31,600	31,600	-1	-1
docs: /getting-started/learn	0.00%	0.00%	37,300	37,300	-1	-1
docs: /getting-started/page-layout-examples	0.00%	0.00%	29,000	29,000	-1	-1
docs: /getting-started/page-layout-examples/album	0.00%	0.00%	9,850	9,850	-1	-1
docs: /getting-started/page-layout-examples/blog	+0.31% 🔺	0.00%	31,900	32,000	-1	-1
docs: /getting-started/page-layout-examples/checkout	0.00%	0.00%	46,500	46,500	-1	-1
docs: /getting-started/page-layout-examples/dashboard	-0.76%	0.00%	393,000	390,000	-1	-1
docs: /getting-started/page-layout-examples/pricing	0.00%	0.00%	20,300	20,300	-1	-1
docs: /getting-started/page-layout-examples/sign-in	0.00%	0.00%	43,200	43,200	-1	-1
docs: /getting-started/page-layout-examples/sign-in-side	0.00%	0.00%	43,500	43,500	-1	-1
docs: /getting-started/page-layout-examples/sign-up	0.00%	0.00%	43,600	43,600	-1	-1
docs: /getting-started/page-layout-examples/sticky-footer	0.00%	0.00%	2,090	2,090	-1	-1
docs: /getting-started/supported-components	0.00%	0.00%	73,800	73,800	-1	-1
docs: /getting-started/supported-platforms	0.00%	0.00%	23,800	23,800	-1	-1
docs: /getting-started/usage	0.00%	0.00%	32,200	32,200	-1	-1
docs: /guides/api	0.00%	0.00%	62,100	62,100	-1	-1
docs: /guides/composition	-1.89%	0.00%	106,000	104,000	-1	-1
docs: /guides/flow	0.00%	0.00%	6,690	6,690	-1	-1
docs: /guides/interoperability	+1.08% 🔺	0.00%	185,000	187,000	-1	-1
docs: /guides/migration-v0x	0.00%	0.00%	52,300	52,300	-1	-1
docs: /guides/migration-v3	0.00%	0.00%	131,000	131,000	-1	-1
docs: /guides/minimizing-bundle-size	0.00%	0.00%	45,500	45,500	-1	-1
docs: /guides/responsive-ui	0.00%	0.00%	14,400	14,400	-1	-1
docs: /guides/right-to-left	0.00%	0.00%	46,300	46,300	-1	-1
docs: /guides/server-rendering	0.00%	0.00%	58,500	58,500	-1	-1
docs: /guides/testing	0.00%	0.00%	53,900	53,900	-1	-1
docs: /guides/typescript	0.00%	0.00%	80,100	80,100	-1	-1
docs: /performance/table-component	0.00%	0.00%	1,340	1,340	-1	-1
docs: /performance/table-emotion	+3.97% 🔺	0.00%	25,200	26,200	-1	-1
docs: /performance/table-hook	0.00%	0.00%	1,420	1,420	-1	-1
docs: /performance/table-mui	0.00%	0.00%	6,280	6,280	-1	-1
docs: /performance/table-raw	0.00%	0.00%	1,110	1,110	-1	-1
docs: /performance/table-styled-components	+3.94% 🔺	0.00%	43,200	44,900	-1	-1
docs: /premium-themes/onepirate	0.00%	0.00%	50,600	50,600	-1	-1
docs: /premium-themes/onepirate/forgot-password	+1.45% 🔺	0.00%	76,000	77,100	-1	-1
docs: /premium-themes/onepirate/privacy	+0.29% 🔺	0.00%	69,500	69,700	-1	-1
docs: /premium-themes/onepirate/sign-in	+1.31% 🔺	0.00%	76,400	77,400	-1	-1
docs: /premium-themes/onepirate/sign-up	+1.31% 🔺	0.00%	76,600	77,600	-1	-1
docs: /premium-themes/onepirate/terms	+0.22% 🔺	0.00%	92,300	92,500	-1	-1
docs: /premium-themes/paperbase	0.00%	0.00%	54,200	54,200	-1	-1
docs: /styles/advanced	+0.43% 🔺	0.00%	235,000	236,000	-1	-1
docs: /styles/api	0.00%	0.00%	126,000	126,000	-1	-1
docs: /styles/basics	0.00%	0.00%	89,300	89,300	-1	-1
docs: /system/api	0.00%	0.00%	77,700	77,700	-1	-1
docs: /system/basics	+1.07% 🔺	0.00%	187,000	189,000	-1	-1
docs: /system/borders	0.00%	0.00%	37,800	37,800	-1	-1
docs: /system/display	0.00%	0.00%	58,000	58,000	-1	-1
docs: /system/flexbox	0.00%	0.00%	68,400	68,400	-1	-1
docs: /system/palette	0.00%	0.00%	27,600	27,600	-1	-1
docs: /system/positions	0.00%	0.00%	22,000	22,000	-1	-1
docs: /system/shadows	+0.47% 🔺	0.00%	21,100	21,200	-1	-1
docs: /system/sizing	0.00%	0.00%	29,900	29,900	-1	-1
docs: /system/spacing	0.00%	0.00%	49,700	49,700	-1	-1
docs: /system/typography	0.00%	0.00%	45,100	45,100	-1	-1
docs: /versions	0.00%	0.00%	76,700	76,700	-1	-1

Generated by 🚫 dangerJS against 2a30d22

eps1lon · 2019-07-22T15:33:45Z

Upgrading raw-loader is a bit tricky since it uses ES6 modules now instead of commonJS. Once it includes features/bug fixes we can revisit.

* Bump enzyme from 3.9.0 to 3.10.0 Bumps [enzyme](https://github.com/airbnb/enzyme/tree/HEAD/packages/enzyme) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/airbnb/enzyme/releases) - [Changelog](https://github.com/airbnb/enzyme/blob/master/CHANGELOG.md) - [Commits](https://github.com/airbnb/enzyme/commits/enzyme@3.10.0/packages/enzyme) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> * Add dependabot badge * Fix failing test

Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 3.3.2 to 3.3.6. - [Release notes](https://github.com/webpack/webpack-cli/releases) - [Changelog](https://github.com/webpack/webpack-cli/blob/v3.3.6/CHANGELOG.md) - [Commits](webpack/webpack-cli@v3.3.2...v3.3.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0. **This update includes security fixes.** - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.4.0...4.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.14 to 4.17.15. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.14...4.17.15) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [react-docgen](https://github.com/reactjs/react-docgen) to permit the latest version. - [Release notes](https://github.com/reactjs/react-docgen/releases) - [Commits](reactjs/react-docgen@v5.0.0-beta.1...v5.0.0-beta.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [jss-rtl](https://github.com/alitaheri/jss-rtl) to permit the latest version. - [Release notes](https://github.com/alitaheri/jss-rtl/releases) - [Commits](alitaheri/jss-rtl@v0.2.1...v0.2.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [@material-ui/pickers](https://github.com/mui-org/material-ui-pickers) to permit the latest version. - [Release notes](https://github.com/mui-org/material-ui-pickers/releases) - [Commits](mui/material-ui-pickers@v3.1.1...v3.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Bump @date-io/date-fns from 1.3.5 to 1.3.8 (#93) Bumps [@date-io/date-fns](https://github.com/dmtrKovalenko/date-io) from 1.3.5 to 1.3.8. - [Release notes](https://github.com/dmtrKovalenko/date-io/releases) - [Commits](dmtrKovalenko/date-io@v1.3.5...v1.3.8) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

) Updates the requirements on [react-autosuggest](https://github.com/moroshko/react-autosuggest) to permit the latest version. - [Release notes](https://github.com/moroshko/react-autosuggest/releases) - [Commits](moroshko/react-autosuggest@v9.3.2...v9.4.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [redux](https://github.com/reduxjs/redux) to permit the latest version. - [Release notes](https://github.com/reduxjs/redux/releases) - [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md) - [Commits](reduxjs/redux@v4.0.0...v4.0.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [jscodeshift](https://github.com/facebook/jscodeshift) to permit the latest version. - [Release notes](https://github.com/facebook/jscodeshift/releases) - [Changelog](https://github.com/facebook/jscodeshift/blob/master/CHANGELOG.md) - [Commits](facebook/jscodeshift@v0.6.0...v0.6.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [warning](https://github.com/BerkeleyTrue/warning) to permit the latest version. - [Release notes](https://github.com/BerkeleyTrue/warning/releases) - [Changelog](https://github.com/BerkeleyTrue/warning/blob/master/CHANGELOG.md) - [Commits](BerkeleyTrue/warning@v4.0.1...v4.0.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [react-is](https://github.com/facebook/react/tree/HEAD/packages/react-is) to permit the latest version. - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v16.8.6/packages/react-is) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Updates the requirements on [marked](https://github.com/markedjs/marked) to permit the latest version. - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](markedjs/marked@v0.6.0...v0.7.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.2.2 to 3.2.4. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v3.2.2...v3.2.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [material-ui-popup-state](https://github.com/jcoreio/material-ui-popup-state) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/jcoreio/material-ui-popup-state/releases) - [Commits](jcoreio/material-ui-popup-state@v1.3.2...v1.4.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [danger](https://github.com/danger/danger-js) from 7.1.4 to 9.1.3. - [Release notes](https://github.com/danger/danger-js/releases) - [Changelog](https://github.com/danger/danger-js/blob/master/CHANGELOG.md) - [Commits](danger/danger-js@7.1.4...9.1.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [react-window](https://github.com/bvaughn/react-window) from 1.8.1 to 1.8.5. - [Release notes](https://github.com/bvaughn/react-window/releases) - [Changelog](https://github.com/bvaughn/react-window/blob/master/CHANGELOG.md) - [Commits](bvaughn/react-window@1.8.1...1.8.5) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [@types/enzyme](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/enzyme) from 3.9.1 to 3.10.3. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/enzyme) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [eslint-plugin-jsx-a11y](https://github.com/evcohen/eslint-plugin-jsx-a11y) from 6.2.1 to 6.2.3. - [Release notes](https://github.com/evcohen/eslint-plugin-jsx-a11y/releases) - [Changelog](https://github.com/evcohen/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md) - [Commits](infofarmer/eslint-plugin-jsx-a11y@v6.2.1...v6.2.3) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Bump rollup-plugin-terser from 5.0.0 to 5.1.1 Bumps [rollup-plugin-terser](https://github.com/TrySound/rollup-plugin-terser) from 5.0.0 to 5.1.1. - [Release notes](https://github.com/TrySound/rollup-plugin-terser/releases) - [Commits](TrySound/rollup-plugin-terser@v5.0.0...v5.1.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> * Bump terser related deps

Bumps [lerna](https://github.com/lerna/lerna/tree/HEAD/core/lerna) from 3.16.2 to 3.16.3. - [Release notes](https://github.com/lerna/lerna/releases) - [Changelog](https://github.com/lerna/lerna/blob/master/core/lerna/CHANGELOG.md) - [Commits](https://github.com/lerna/lerna/commits/v3.16.3/core/lerna) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [@types/react-router-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-router-dom) from 4.3.2 to 4.3.4. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-router-dom) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [@babel/node](https://github.com/babel/babel) from 7.2.2 to 7.5.5. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](babel/babel@v7.2.2...v7.5.5) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [eslint-config-airbnb](https://github.com/airbnb/javascript) from 17.1.0 to 17.1.1. - [Release notes](https://github.com/airbnb/javascript/releases) - [Commits](airbnb/javascript@eslint-config-airbnb-v17.1.0...eslint-config-airbnb-v17.1.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [babel-plugin-istanbul](https://github.com/istanbuljs/babel-plugin-istanbul) from 5.1.4 to 5.2.0. - [Release notes](https://github.com/istanbuljs/babel-plugin-istanbul/releases) - [Changelog](https://github.com/istanbuljs/babel-plugin-istanbul/blob/master/CHANGELOG.md) - [Commits](istanbuljs/babel-plugin-istanbul@v5.1.4...v5.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [@types/react-transition-group](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-transition-group) from 2.9.2 to 4.2.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-transition-group) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [final-form](https://github.com/final-form/final-form) from 4.12.0 to 4.18.2. - [Release notes](https://github.com/final-form/final-form/releases) - [Commits](final-form/final-form@v4.12.0...v4.18.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [lerna](https://github.com/lerna/lerna/tree/HEAD/core/lerna) from 3.16.3 to 3.16.4. - [Release notes](https://github.com/lerna/lerna/releases) - [Changelog](https://github.com/lerna/lerna/blob/master/core/lerna/CHANGELOG.md) - [Commits](https://github.com/lerna/lerna/commits/v3.16.4/core/lerna) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

oliviertassinari · 2019-07-24T10:09:54Z

💯 for trying it and learning from it

merceyz · 2019-07-24T11:58:53Z

README.md

@@ -17,6 +17,7 @@
 [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/1320/badge)](https://bestpractices.coreinfrastructure.org/projects/1320)
 ![Code style](https://img.shields.io/badge/code_style-prettier-ff69b4.svg)
 [![Follow on Twitter](https://img.shields.io/twitter/follow/MaterialUI.svg?label=follow+Material-UI)](https://twitter.com/MaterialUI)
+[![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=eps1lon/material-ui)](https://dependabot.com)


Suggested change

[![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=eps1lon/material-ui)](https://dependabot.com)

[![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=mui-org/material-ui)](https://dependabot.com)

eps1lon added the core label Jul 22, 2019

This comment has been minimized.

Sign in to view

eps1lon force-pushed the auto-deps branch from d73949c to 5647564 Compare July 22, 2019 13:22

eps1lon added the dependencies Update of dependencies label Jul 22, 2019

eps1lon force-pushed the auto-deps branch 2 times, most recently from 46396da to d7b1b9e Compare July 22, 2019 15:21

eps1lon force-pushed the auto-deps branch 7 times, most recently from 368c0f5 to 1845319 Compare July 23, 2019 08:47

dependabot-preview bot added 4 commits July 23, 2019 08:54

eps1lon force-pushed the auto-deps branch from 1845319 to 7434fa1 Compare July 23, 2019 08:58

dependabot-preview bot added 2 commits July 23, 2019 09:03

eps1lon force-pushed the auto-deps branch from 7434fa1 to 01fa47c Compare July 23, 2019 09:45

dependabot-preview bot added 7 commits July 23, 2019 09:52

dependabot-preview bot added 14 commits July 23, 2019 21:59

eps1lon force-pushed the auto-deps branch 2 times, most recently from 4a271f3 to 7ce9d2a Compare July 23, 2019 21:49

eps1lon marked this pull request as ready for review July 24, 2019 09:11

eps1lon requested a review from oliviertassinari July 24, 2019 09:14

eps1lon added 2 commits July 24, 2019 13:12

Merge branch 'master' into auto-deps

bba2694

codecov doesnt care about merge commits

2a30d22

This was referenced Jul 24, 2019

[Security] Bump lodash.template from 4.4.0 to 4.5.0 #16710

Closed

Bump react-virtualized from 9.21.0 to 9.21.1 #16711

Closed

oliviertassinari approved these changes Jul 24, 2019

View reviewed changes

eps1lon merged commit 6a51c75 into mui:master Jul 24, 2019

eps1lon deleted the auto-deps branch July 24, 2019 11:51

merceyz reviewed Jul 24, 2019

View reviewed changes

eps1lon mentioned this pull request Jul 24, 2019

[docs] Fix dependabot badge #16725

Merged

snyk-bot mentioned this pull request Sep 4, 2019

[Snyk] Upgrade @material-ui/styles from 4.3.0 to 4.3.3 iliutastoica/React-Discord-Clone#5

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[core] Introduce dependabot #16679

[core] Introduce dependabot #16679

eps1lon commented Jul 22, 2019 •

edited

Loading

mui-pr-bot commented Jul 22, 2019 •

edited

Loading

This comment has been minimized.

eps1lon commented Jul 22, 2019

oliviertassinari commented Jul 24, 2019

merceyz Jul 24, 2019

	[![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=eps1lon/material-ui)](https://dependabot.com)
	[![Dependabot Status](https://api.dependabot.com/badges/status?host=github&repo=mui-org/material-ui)](https://dependabot.com)

[core] Introduce dependabot #16679

[core] Introduce dependabot #16679

Conversation

eps1lon commented Jul 22, 2019 • edited Loading

mui-pr-bot commented Jul 22, 2019 • edited Loading

This comment has been minimized.

eps1lon commented Jul 22, 2019

oliviertassinari commented Jul 24, 2019

merceyz Jul 24, 2019

Choose a reason for hiding this comment

eps1lon commented Jul 22, 2019 •

edited

Loading

mui-pr-bot commented Jul 22, 2019 •

edited

Loading