Y
Hacker News
new
|
ask
|
show
|
jobs
by
rethab
1166 days ago
> scheduled GitHub Action workflow
..sounds like they're not dogfooding dependabot? curious if anybody knows more/why
2 comments
djm_
1165 days ago
Dependabot is based on releases from the various package repositories; running of main is pre-release - hence they’re probably using GitHub Actions to pin their Gemfile-defined Rails version to a commit hash.
link
heartbreak
1166 days ago
Dependabot is for security issues, not this?
link
rethab
1166 days ago
dependabot can also be used for regular version updates
link