Comments (9)
Sure. I have deleted all the level org repos in the Snyk interface one by one, I hope it has clean all the webhooks.
Please let me know if there's any tasks that need to be done additionally.
from community.
Dependabot wins. For 3 reasons: the commands, more context on PRs (lists both changelog and commits) and it's faster. Compare Level/level#185 and Level/level-js#199: same dependency, but renovate's PR was delayed by a full month. That said, for the record, dependabot has an unfair advantage and I dislike the vendor lock-in.
from community.
Ah. @huan the github audit log shows that you added Snyk?
from community.
Yes, it caused by my operation with a mistake.
Today I'm trying to migrate my projects from greenkeeper to Snyk, however, the Synk checks all repositories that I have privileges to manage with a not very clear interface, and after I click the next button, it start migrating all of them.
from community.
@huan Alright, that's unfortunate. Thanks for checking in.
In the Snyk interface, can you find an easy way to remove repos or an entire github org? If not, I'll remove all the webhooks manually via GitHub.
from community.
I'm also gonna give Renovate a try, because it seems Dependabot doesn't run tests on in-range dependency updates, like Greenkeeper did.
from community.
Same story with Renovate, sadly. There are three bad options:
- Use
rangeStrategy: replace
. This will open a PR if a new version (e.g.2.0.0
) falls outside the current range (e.g.^1.0.0
). There'll be no tests on in-range updates. - Use
rangeStrategy: bump
. This will open a PR for any new version. Too noisy. Plus, to allow deduping of dependencies (app-wide) I prefer loose lower bounds on ranges (e.g.^1.0.0
rather than^1.6.2
unless that specific version is actually the minimum). - Use
lockFileMaintenance
. Same effect as (2) but Renovate won't touchpackage.json
. My hatred of lockfiles aside, it's just as noisy as (2). Noise can be reduced by using a schedule, but that misses the goal of getting realtime notifications on breaking in-range updates.
Going with option 1 for now, because it's the least noisy. And greenkeeper's behavior of testing in-range updates did also result in noise, e.g. due to CI failures.
from community.
As for Dependabot vs Renovate, I like the commands you can give to Dependabot on PRs, especially squash and merge
which waits for status checks to pass. This means, once you get a notification from GitHub, you don't have to wait and come back to the PR later. Renovate on the other hand is more configurable, and has the great option to only open PRs once status checks pass.
from community.
Configured all repo's except for Level/leveljs.org#50.
from community.
Related Issues (20)
- Proposal: add map method to abstract-down HOT 4
- Add `db.getMany(keys)` across the board HOT 8
- Refactor encodings HOT 6
- `rocksdb`: to be ported from `leveldown` (after other recent PRs)
- Fix Typings on DefinitelyTyped HOT 7
- Proposal: Add `db.has(key)` and `db.hasMany(keys)` HOT 12
- Deprecate old modules
- Package level with electron HOT 2
- Redisdown: how to create new `level-` libs? HOT 1
- Replace Sauce Labs with Playwright HOT 3
- Tracking issue: implicit and explicit snapshots
- willing to help revive some databases with abstract-level api HOT 4
- rocks-level implementation HOT 6
- Dump Buffer for TypedArrays (for compactness and efficiency) HOT 6
- Any interest in maintaining 'lmdb'? HOT 3
- Counting entries in a level database HOT 4
- leveldown to remote database HOT 1
- Maintenance round: drop legacy features & runtime environments HOT 1
- Move to GitHub Actions HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from community.