| ▲ | mehagar 9 hours ago | |||||||
Is there an equivalent for the JS ecosystem? If not, having Dependabot update dependencies automatically after a cooldown still seems like a better alernative, since you are likely to never update dependencies at all if it's not automatic. | ||||||||
| ▲ | seattle_spring 8 hours ago | parent | next [-] | |||||||
RenovateBot supports a ton of languages, and ime works much better for the npm ecosystem than Dependabot. Especially true if you use an alternative package manager like yarn/pnpm. | ||||||||
| ▲ | mook 8 hours ago | parent | prev [-] | |||||||
Too bad dependabot cooldowns are brain-dead. If you set a cooldown for one week, and your dependency can't get their act together and makes a release daily, it'll start making PRs for the first (oldest) release in the series after a week even though there's nothing cool about the release cadence. | ||||||||
| ||||||||