top | item 32436513

(no title)

cpswan | 3 years ago

My main gripe is that Dependabot can end up raising multiple PRs for the same dependency bump in the same repo (especially with Dockerfiles). I really wish I could tell it to do rollups e.g. `@dependabot rollup #1234 #1235 #1236` or something like that.

To save having to do multiple rounds of merge PR, rebase next PR, wait for CI... I end up doing my own rollup PRs by merging the various Dependabot branches. At least Dependabot is smart enough to close all of the original PRs when the rollup is merged.

discuss

dynamite-ready|3 years ago

Yes. 'Rollups' would also help the situation where multiple upgrades in combination will cause an issue. Ideally though, you'll be merging master into each automated pull request regardless. But rollups would save a bit of time.