Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support "*" parameter in folder paths #1994

Closed
petergrau opened this issue Apr 15, 2020 · 7 comments
Closed

Support "*" parameter in folder paths #1994

petergrau opened this issue Apr 15, 2020 · 7 comments

Comments

@petergrau
Copy link

We have several plugins in one repo that all have their own package.json. We would like to define one directory path that catches all of them - something like:
/libs/*/
That should include then all package.json of the libs without having to define an entry for each of them following all the same ruleset.
@feelepxyz
Copy link
Contributor

@petergrau have you looked at using yarn workspaces or lerna to specify a glob for all your sub-projects? This way dependabot will find all the nested package.json files if you add the root one that contains the workspace config/lerna config file.

For example using yarn workspaces:

package.json

{
  "private": true,
  "workspaces": ["libs/*"]
}

@petergrau
Copy link
Author

@petergrau have you looked at using yarn workspaces or lerna to specify a glob for all your sub-projects? This way dependabot will find all the nested package.json files if you add the root one that contains the workspace config/lerna config file.

For example using yarn workspaces:

package.json

{
  "private": true,
  "workspaces": ["libs/*"]
}

@feelepxyz something like that would work for us but we are using nx with the nx.json - is that supported as well?

@feelepxyz
Copy link
Contributor

@petergrau ah unfortunately not. Will keep an eye out for more demand as it's the first time I've come across that.

@infin8x infin8x transferred this issue from dependabot/feedback Jun 29, 2020
@maneetgoyal
Copy link

maneetgoyal commented Oct 9, 2020
edited

Will be great to have.

Using lerna with yarn workspaces. Here's my dependabot.yml:

version: 2
updates:
  - package-ecosystem: npm
    directory: "/"
    schedule:
      interval: daily
    open-pull-requests-limit: 10

When dependabot creates a PR for updating the dependencies that are present in only the child packages like root/packages/**/abc, root/packages/**/def, etc., it only updates the yarn.lock. Would be great if it updates the package.json of the child packages as well (not just the root level package.json).

@Abildtoft
Copy link

We have a similar use case (with NX)

Thanks for an awesome tool!

@alexf101
Copy link

In case it's helpful, I suggested some awful hacks to work around this for now here: #2178 (comment)

@feelepxyz
Copy link
Contributor

Closing as a duplicate of #2178

This isn't specific to the package manager and requires some deeper changes in the way dependabot fetches the repo contents to work. We've got some ideas around how this will also play into grouped updates.

We don't have any current plans on supporting nx unfortunately.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@feelepxyz @alexf101 @Abildtoft @maneetgoyal @petergrau