Limiting of Version Leaps #13780
Unanswered
lwbrown42 asked this question in Code Security
While it's important for dependencies to get upgraded to the latest versions for a variety of reasons, it's very difficult to upgrade and comprehensively test upgrades on packages that are very behind.
Is it possible to configure Dependabot to limit the amount a package can be upgraded in a single PR? For example, if I'm on v1.2 of a package that has up to v6.0 available, can I set Dependabot to be limited to 1 major version per PR, leading to five PRs over time:
This would allow for more comprehensive testing on each PR to make sure that no features are breaking as the package is brought up to date.