Skip to content

Add a Dependabot config file #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 13, 2025
Merged

Add a Dependabot config file #132

merged 2 commits into from
Oct 13, 2025

Conversation

@mhucka
Copy link
Contributor

@mhucka mhucka commented Oct 12, 2025

This adds a .github/dependabot.yaml file for configuring Dependabot to run on this repo. The configuration makes it check Python and the GitHub Actions used in the CI workflow.

Dependabot regularly looks at the dependencies used in this project (e.g., Python packages) and automatically opens PRs when version updates are available.

@mhucka mhucka added area/health Project health, code health, and similar meta-level concerns area/dependencies Concerns Tesseract Decoder dependencies area/devops Involves build systems, Make files, Bazel files, continuous integration, and/or other DevOps topics labels Oct 12, 2025
LalehB
LalehB approved these changes Oct 13, 2025
View reviewed changes
Copy link
Collaborator

@LalehB LalehB left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you Mike.
LGTM, with a minor edit request.

@mhucka
Use recursive search for pip dependencies
413c294 
Tell Dependabot to look for pip dependency files in subdirectories.

Note: rather than limit it to `src/py` where `requirements_lock.txt` is
currently located, this will make it search in all directories so that
if the file locations change in the future, Dependabot is likely to be
able to still find the dependency files.
@mhucka mhucka merged commit 02d4052 into quantumlib:main Oct 13, 2025
4 checks passed
@mhucka mhucka deleted the mh-add-dependabot branch October 13, 2025 18:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LalehB LalehB LalehB approved these changes

Assignees

No one assigned

Labels

area/dependencies Concerns Tesseract Decoder dependencies area/devops Involves build systems, Make files, Bazel files, continuous integration, and/or other DevOps topics area/health Project health, code health, and similar meta-level concerns

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mhucka @LalehB