Skip to content

Commit

Permalink
Merge pull request #139 from humanmade/dependabot-guide
Browse files Browse the repository at this point in the history 
Add dependabot guide
  • Loading branch information
@roborourke
roborourke authored Jun 15, 2020
2 parents 6f4b97f + 3e7b8cb commit 4d7f61c
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 1 deletion.
2 changes: 1 addition & 1 deletion other-docs/guides/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@

![](./assets/banner-guides.png)

Altis Guides are here to help you with meta issues and larger tasks that don't fit in to any specific module. Here you can find help with [how to upgrade](./upgrading/README.md), [how to migrate to Altis](./migrating-from-wordpress.md), [how to use Altis as a headless CMS](./headless/) and more.
Altis Guides are here to help you with meta issues and larger tasks that don't fit in to any specific module. Here you can find help with [how to upgrade](./upgrading/README.md), [how to migrate to Altis](./migrating-from-wordpress.md), [how to use Altis as a headless CMS](./headless/), [how to automate updates](./automatic-updates.md) and more.
34 changes: 34 additions & 0 deletions other-docs/guides/automatic-updates.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Automating Updates

The recommended approach to automating updates to Altis is to use GitHub's Dependabot feature. This feature is provided for free by GitHub.

The service monitors the dependencies in your project and creates automatic pull requests whenever there are updates. This will help you to keep your projects healthy and always running the latest patch release of all Altis modules.

## Setting Up Dependabot

To get started create a `dependabot.yml` file in your project root.

The minimum recommended configuration for Altis is as follows:

```yaml
version: 2
updates:
# Enable version updates for Composer
- package-ecosystem: "composer"
# Look for `composer.json` and `composer.lock` files in the `root` directory
directory: "/"
# Create pull requests as soon as updates are made available
schedule:
interval: "live"
# Increase the version requirements for Composer
# only when required
versioning-strategy: increase-if-necessary
```
Finally commit this file to your repo, and you're done.
## Further Configuration
There are many more configuration options available and you can add additional update rules for different package ecosystems like npm to this file as well.
[The full Dependabot configuration documentation can be found here](https://help.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates).

0 comments on commit 4d7f61c

Please sign in to comment.