From 5cb64335179097272333644b3007354378c95bd3 Mon Sep 17 00:00:00 2001 From: Erik Skultety Date: Tue, 22 Oct 2024 14:58:00 +0200 Subject: [PATCH] Revert ".github: dependabot: Ignore pydantic-core" This reverts commit ee1fed738324950cdd9f9665ab4b55cef7d5353d. With dependabot ignoring pydantic-core there's also the issue with pip-compile locking a particular version of pydantic-core in the requirements.txt file which will, again, prevent dependabot from updating pydantic anyway, worse even, any dependency unless pip-compile is run manually to refresh the pydantic-core version and force pushed into dependabot's branch to pass CI. Revert the commit in question and look for a different approach. Signed-off-by: Erik Skultety --- .github/dependabot.yml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 7d54eb0f4..2a5d0a2bd 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -24,8 +24,15 @@ updates: update-types: - "minor" - "patch" - ignore: - # pydantic is designed to be used with a single version of pydantic-core [1] which follows a - # different release cycle and is our nr.1 violator of version updates blocking other - # dependency version updates to be accepted - - dependency-name: "pydantic-core" + exclude-patterns: + - "pydantic*" + + # pydantic is a known violator of version updates where they don't release the core backend + # with the API library at the same time which holds up other legitimate updates, so group + # pydantic deps together + pydantic: + update-types: + - "minor" + - "patch" + patterns: + - "pydantic*"