We currently have a bunch of hanging CHT-Core Dependabot PRs that keep popping up that we cannot merge: for the wdio
cluster of dependencies and angular
cluster of dependencies.
For wdio
, we know there was a significant effort last year, that identified some serious blockers. So updating automatically is out of the question.
The same applies for angular
, as it’s a major angular release (from v.18 to v.19) that, I believe, requires a bit more effort than a lazy Dependabot PR.
I see some options:
- don’t change anything and leave those dependabot PRs hanging. I believe this is confusing for anyone who sees the CHT-Core PR page. I prefer that active work is stored in PRs, not dead code that nobody intends to merge.
- aggressively close unmergeable dependabot PRs - partial solution because dependabot will create a new one in the new “cycle”
- actively work on both these issues and merge our code instead and close dependabot PRs
- disable dependabot PRs and rely on human effort and check for updates for these dependencies.
I believe it’s acceptable to manually delete a few PRs from time to time, but not as a permanent solution.
Appreciate your feedback