Skip to content

chore: run Dependabot weekly on Sunday night instead of daily#4350

Open
reinkrul wants to merge 1 commit into
masterfrom
chore/dependabot-weekly
Open

chore: run Dependabot weekly on Sunday night instead of daily#4350
reinkrul wants to merge 1 commit into
masterfrom
chore/dependabot-weekly

Conversation

@reinkrul

@reinkrul reinkrul commented Jun 15, 2026
edited
Loading

Copy link
Copy Markdown
Member

What

Switch Dependabot from daily to weekly (Sunday 23:00 Europe/Amsterdam) for the github-actions, gomod, and docker ecosystems.

Why

Daily checks frequently open a patch PR that supersedes the previous day's PR — e.g. a patch that fixes a bug introduced by an earlier patch. This churn creates needless review work for maintainers. Once a week keeps dependencies current with far fewer redundant PRs.

Why it's safe

We don't run dependabot on our release branches (v5.4, v6.2), we only patch vulnerabilities there. CVE checking will continue to run nightly.

Notes

  • Dependabot only supports day-of-week granularity, so "Sunday night" is day: sunday + time: "23:00".
  • The pip ecosystem was already weekly (and has PRs disabled), so it's left unchanged.

@reinkrul
chore: run Dependabot weekly on Sunday night instead of daily
53d4a02 
Daily checks produce patch PRs that supersede the previous day's PR
(patches fixing bugs introduced by earlier patches), creating churn for
maintainers. Switch github-actions, gomod and docker ecosystems to a
weekly schedule on Sunday 23:00 Europe/Amsterdam.

Assisted by AI
@reinkrul reinkrul requested a review from a team June 15, 2026 08:33
@qltysh

qltysh Bot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

Qlty


Coverage Impact

This PR will not change total coverage.

🚦 See full report on Qlty Cloud »

🛟 Help

  • Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

  • Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

  • File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

    • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.

@reinkrul reinkrul requested review from Dirklectisch and removed request for a team June 17, 2026 06:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@woutslakhorst woutslakhorst Awaiting requested review from woutslakhorst woutslakhorst is a code owner

@gerardsn gerardsn Awaiting requested review from gerardsn gerardsn is a code owner

@stevenvegt stevenvegt Awaiting requested review from stevenvegt stevenvegt is a code owner

@Dirklectisch Dirklectisch Awaiting requested review from Dirklectisch Dirklectisch is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@reinkrul