Dependabot keeps opening PRs on my Github fork

dfabulich · October 4, 2021, 9:41pm

I filed a Github PR; in the course of doing so, I created a fork, and pushed it to Github.

Since then, I keep getting spam from dependabot, opening PRs on my fork, inviting me to upgrade outdated dependencies. These dependencies have nothing to do with my PR, and I would like not to receive further notifications from dependabot.

How do I make dependabot stop spamming me?

P.S. I can’t make my fork private, because I want my PR branch to be public.

P.P.S. My PR has been open/unreviewed for a couple of weeks now; I sure would like that PR to be reviewed so I can privatize/delete my fork…

github.com/discourse/discourse

DEV: Automatically handle macOS readlink issues

discourse:main ← dfabulich:macos-readlink

opened 06:37PM - 19 Sep 21 UTC

dfabulich

+12 -5

The Docker `boot_dev` script has a bug on macOS when using plugins: it attempts …to invoke `readlink -f`, which works fine with GNU `readlink` but doesn't work with macOS `readlink`. (I reproduce the issue on macOS Big Sur 11.6, which is latest as of today.) The script on `master` includes a comment documenting how to work around the issue manually, using Homebrew to install `coreutils`, which installs a GNU version of `readlink` as `greadlink`. The comment then recommends symlinking `readlink` to `greadlink` so bare calls to `readlink` will use the GNU version instead of the macOS default version. That's a pretty weird thing to do to a machine just to satisfy this one script, and, anyway, it's a bummer that the script fails and that the end user has to manually follow directions in a comment to fix it. In this PR, I attempt to `readlink -f` the directory that we just created; if that fails, we create a one-liner Python script that does the same thing as `readlink -f`, and we use that, instead. I got the one-liner from https://stackoverflow.com/questions/1055671/how-can-i-get-the-behavior-of-gnus-readlink-f-on-a-mac … there are other implementations there, including a few pure-bash implementations, but they're kinda verbose; various replies warn that there are a lot of weird corner cases. The Python one-liner seems like the easiest way to handle it. (This infrastructure script has no tests, and I didn't add any.)

gerhard · October 4, 2021, 10:04pm

It’s a known problem with dependabot. I usually ignore the PRs opened by the bot and disable notifications for my forked repositories at https://github.com/watching

Topic		Replies	Views
Use Dependabot for dependency updates? dev	4	1469	November 2, 2018
GitLab OmniAuth plugin plugin auth-plugins	36	10700	August 7, 2022
PRs and granularity dev	7	987	September 7, 2016
I got an error after updating my forked install installation unsupported-install	36	1678	November 13, 2018
Keeping rails/dev up to date dev	5	1118	August 16, 2018

Dependabot keeps opening PRs on my Github fork

Related Topics