Bump Microsoft.ApplicationInsights.AspNetCore from 2.5.0-beta1 to 2.5.0-beta2I’ve been exploring automated lately. I usually use my podcast’s ASP. website that I host on as a guinea pig. I tried Nukeeper and the dotnet outdated global tool – both of which are fantastic and worth exploring.

This week I’m trying Dependbot. I have no relationship with this company. Public repos and personal account repos are free and their pricing is very clear and organization accounts start at just $15 with a free trial.

I’m really impressed with how clever is. It’s almost like a person in its behavior. Yes, I realize that’s kind of the point, but it’s no less surprising to see. A well-written bot is a joy to behold.

For example, here is a PR (Pull Request) where Dependbot says “Bumps Microsoft.ApplicationInsights.AspNetCore from 2.5.0-beta1 to 2.5.0-beta2.”

Basic stuff, right? But that’s not all.

It not only does the basics where it noticed that a version bump occurred in a NuGet package, but it also copied the release notes from that NuGet package’s release on GitHub! It included links to what was fixed between versions, links to the change logs, AND a complete linked commit list. I mean, that’s just lovely.

A few days later, Dependabot went and closed the PR because the dependancy had updated (I was slow) then it commented telling me this PR was superseded by another.

Superseded by #20

Dependabot, like any good bot, also includes commands you can send to it via “Chats” in GitHub PR comments. You can tell it to use specific labels, control milestones. You can also control behavior in the Dependabot Dashboard and have it automerge things like minor versions, or just lock things down to security-only updates.

All in all, it’s a very smart bot that supports basically all the languages. .NET support is in Beta, but I haven’t had any issues with it. You should definitely check it out. And let me tell you, once you’ve got everything automated you’ll wonder how you ever managed before.


Sponsor: Check out the latest JetBrains Rider with built-in spell checking, enhanced debugger, Docker support, full C# 7.3 support, publishing to IIS and more advanced Unity support.


















Source link http://feeds.hanselman.com/~/576069664/0/scotthanselman~Dependabot-for-NET-Core-dependency-tracking-in-GitHub.aspx

LEAVE A REPLY

Please enter your comment!
Please enter your name here