Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fixes #2852 Adds auto-merging pip updates to this repository using dependabot to alleviate @browniebroke 's workload.
Rationale
Make updating this repository less stressful. You can view the test repository here: https://github.com/Andrew-Chen-Wang/test-dependabot-automerge You can see that, when one update happens, the rest of the PRs close and are superseded with a new PR, as shown here: Andrew-Chen-Wang/test-dependabot-automerge#3 (comment)
This also means we don't need pyup anymore, especially since dependabot covers everything pyup does and auto merges and rebases in case of new updates to the PR.
Note: when GitHub acquired dependabot, they disabled the auto merge feature natively for security reasons, so that's why I had to create the GitHub action. I took the GitHub action from a Medium post, but I just can't find the blog anymore......
AH! Here it is: https://medium.com/@toufik.airane/automerge-github-dependabot-alerts-with-github-actions-7cd6f5763750