Dependabot / security scanning #504
Unanswered
indigoviolet
asked this question in
Q&A
Replies: 2 comments
-
|
I have this same question. It seems to work just fine for non-dev packages, but it does not seem to work the dev dependencies. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
As a workaround, I have set up the following in .pre-commit-config.yaml: repos:
- repo: local
hooks:
- id: update requirements.txt for dependabot
name: update requirements.txt for dependabot
entry: bash -c 'sed -e "/^-e/d" -e "s/setuptools/# setuptools/" requirements.lock > .github/dependabot/requirements.txt'
language: system
- repo: local
hooks:
- id: update requirements-dev.txt for dependabot
name: update requirements-dev.txt for dependabot
entry: bash -c 'sed -e "/^-e/d" -e "s/setuptools/# setuptools/" requirements-dev.lock > .github/dependabot/requirements-dev.txt'
language: systemRunning an equivalent shell script from GitHub Actions could also be a good idea! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
What is the best way to work with Dependabot etc while using rye?
Beta Was this translation helpful? Give feedback.
All reactions