dependabot has been unable to parse the dependency files for a few weeks, ever since we had to use the environment variable hack for wasi-common. should we turn it off?
i filed a support ticket but havent heard anything
er meant to follow up on this but I agree -- https://github.com/bytecodealliance/wasmtime/pull/1713
Yeah I’m not gonna hold my breath for dependabot being able to parse the unorthodox way the wasi common dep works, but I did tell support that if they didn’t want us just turning it off forever, they should have some backoff and only let it report identical messages so many times...
My subjective experience of dependabot is that the percentage of notifications I get that are helpful is too low overall.
agreed, ive yet to see it really do anything useful in the context of these projects.
Last updated: Dec 23 2024 at 14:03 UTC