Skip to content

[codex] Match Dependabot root-only config#644

Merged
burtenshaw merged 2 commits into
mainfrom
codex/dependabot-root-config
May 6, 2026
Merged

[codex] Match Dependabot root-only config#644
burtenshaw merged 2 commits into
mainfrom
codex/dependabot-root-config

Conversation

@burtenshaw

Copy link
Copy Markdown
Collaborator

Summary

  • Remove Dependabot grouping blocks from the root uv and GitHub Actions update entries.
  • Keep the root uv updater scoped to / with exclude-paths: envs/**, matching the intended config.

Why

The env-specific Dependabot PRs should not be recreated from the root uv updater. Keeping this config minimal makes the intended scan scope explicit.

Validation

  • Parsed .github/dependabot.yml with PyYAML.
  • Ran git diff --check.

@meta-cla meta-cla Bot added the CLA Signed This label is managed by the Meta Open Source bot. label May 6, 2026
@burtenshaw burtenshaw marked this pull request as ready for review May 6, 2026 09:22
@greptile-apps

greptile-apps Bot commented May 6, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR simplifies .github/dependabot.yml by removing the groups configuration blocks from both the root uv and github-actions update entries. Without groups, Dependabot will open individual PRs per dependency update rather than bundling them.

  • Removes root-uv and root-actions group definitions; the exclude-paths: envs/** scope on the uv updater is preserved.
  • The resulting YAML is valid and matches the stated intent of keeping root-level scanning explicit and separate from env-specific updaters.

Confidence Score: 5/5

Safe to merge — the change only removes two groups blocks from a Dependabot config, leaving the rest of the file untouched and syntactically valid.

The edit is a pure deletion of two YAML stanzas. The remaining config is correct, the exclude-paths constraint is preserved, and no code paths or runtime behavior are affected.

No files require special attention.

Important Files Changed

Filename Overview
.github/dependabot.yml Removes groups blocks from both the root uv and github-actions Dependabot entries, leaving a minimal, valid config with exclude-paths: envs/** intact for the uv updater.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    DB[Dependabot weekly trigger]

    DB --> UV[uv updater\ndirectory: /\nexclude-paths: envs/**]
    DB --> GA[github-actions updater\ndirectory: /]

    UV -->|Before PR| G1[Grouped PR\nroot-uv: all patterns]
    UV -->|After PR| I1[Individual PRs\nper dependency]

    GA -->|Before PR| G2[Grouped PR\nroot-actions: all patterns]
    GA -->|After PR| I2[Individual PRs\nper action]

    style G1 fill:#f99,stroke:#c00,color:#000
    style G2 fill:#f99,stroke:#c00,color:#000
    style I1 fill:#9f9,stroke:#090,color:#000
    style I2 fill:#9f9,stroke:#090,color:#000
Loading

Reviews (1): Last reviewed commit: "Match Dependabot root-only config" | Re-trigger Greptile

@burtenshaw burtenshaw merged commit b4a57fb into main May 6, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

CLA Signed This label is managed by the Meta Open Source bot.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant