You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Apr 8, 2026. It is now read-only.
At the moment, the Action changes all dependency versions in a single commit, pushes to a single branch, and opens a single PR. An alternative way to manage this would be to follow the dependabot pattern where a new branch/PR is created for each dependency being updated during that run of the bot.
Pros:
Would allow for more easy management of dependency upgrading for maintainers - merging a single PR represents making a single change to your code, as opposed to lots of dependencies being upgraded at the same time
Cons:
Lots of repeated calls to the API
Multiple PRs can be noisy (provide a max_pull_request variable like dependabot)
We will need a more "clever" way to identify previously opened PRs
Context
At the moment, the Action changes all dependency versions in a single commit, pushes to a single branch, and opens a single PR. An alternative way to manage this would be to follow the dependabot pattern where a new branch/PR is created for each dependency being updated during that run of the bot.
Pros:
Cons:
max_pull_requestvariable like dependabot)