Skip to content

Configuration of a minimum package age required before a PR is created #3651

Open
github/docs
#39128
@ericmatthys

Description

@ericmatthys

Update:

Cooldown feature for ecosystems is available now publicly, Please follow the blogpost


A "cooldown" feature would delay opening a PR for a newly updated dependency until a certain amount of time has passed. This feature could help teams with mature / stable projects that would like to be more conservative with dependency updates, but still stay on top of regular updates. A cooldown period would allow for patch updates after a release without impacting the project or creating excess noise. Also, for packages that update very frequently, a cooldown period could help cut down on noise from that project without changing the entire schedule to be slower. It would also be useful to allow the cooldown time to be configurable for different semver versions. For example, I might set semver-major to 1 month, semver-minor to 1 week, and semver-patch to 3 days.

Here's how a config snippet might look:

updates:
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "daily"
      cooldown:
      - semver-major: 30
      - semver-minor: 7
      - semver-patch: 3

Here's a scenario using those values in mind:

  1. Package updates from 1.1.0 to 1.1.1
  2. 3 days pass
  3. PR for 1.1.1 is created
  4. Package updates from 1.1.1 to 1.2.0
  5. 2 days pass
  6. Package updates from 1.2.0 to 1.2.1 with a bug fix
  7. 1 day passes
  8. Package updates from 1.2.1 to 1.2.2 with a bug fix
  9. 4 days pass
  10. PR for 1.2.2 is created
  11. Package updates from 1.2.2 to 1.3.0
  12. 3 days pass
  13. Package updates from 1.3.0 to 1.4.0, resetting the cooldown because it's another minor update
  14. 7 days pass
  15. PR for 1.4.0 is created

Metadata

Metadata

Assignees

Labels

F: noiserelated to Dependabot being noisy, or initiatives to make Dependabot quieterKeepExempt this from being marked by stalebotT: feature-requestRequests for new features

Projects

Status

Monitoring in Prod

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions