I have two pull requests against my cpython fork from a dependabot -- what is that, and should I merge them? -- ~Ethan~
It's bogus automation, you can safely reject those pull requests. If you do merge any pull requests to `main` of your personal fork, your `main` branch will diverge from python/cpython's. Not recommended. I just merged the equivalent pull requests from dependabot on python/cpython. You can pull from upstream. - Ł
On Mon, May 3, 2021 at 9:15 PM Łukasz Langa <lukasz@langa.pl> wrote:
This is a known issue on GitHub's end, specifically that disabling Dependabot on a fork is broken: https://github.com/dependabot/dependabot-core/issues/2804 (note that a comment specifically about the impact on CPython exists there as well). The only workaround at the moment is to delete and recreate your fork, after which Dependabot should be disabled so long as you never touch the setting again.
It's bogus automation, you can safely reject those pull requests. If you do merge any pull requests to `main` of your personal fork, your `main` branch will diverge from python/cpython's. Not recommended. I just merged the equivalent pull requests from dependabot on python/cpython. You can pull from upstream. - Ł
On Mon, May 3, 2021 at 9:15 PM Łukasz Langa <lukasz@langa.pl> wrote:
This is a known issue on GitHub's end, specifically that disabling Dependabot on a fork is broken: https://github.com/dependabot/dependabot-core/issues/2804 (note that a comment specifically about the impact on CPython exists there as well). The only workaround at the moment is to delete and recreate your fork, after which Dependabot should be disabled so long as you never touch the setting again.
participants (3)
-
Ethan Furman -
Jonathan Goble -
Łukasz Langa