Hey everyone! I'm considering adding a dependency bot to my UV project and I've been looking into Dependabot since it's straightforward to integrate with GitHub. However, I noticed that it's not completely stable for UV projects yet. I'm curious to hear from anyone who's using Dependabot with their UV setups: what's your experience been like? Any issues or big wins?
5 Answers
I definitely prefer Renovate over Dependabot. It offers way more configuration options, can run on your own infrastructure, and isn't restricted to just GitHub. It just provides a way better overall experience.
I’ve been exploring this myself, so I’m really interested to see how well it works for others! Hoping to get some insights here!
If you're managing dependencies through pyproject.toml in your UV projects, then Dependabot should work without any problems! I personally set it up this way for my project and had no issues.
I've had better luck with Renovate Bot instead of Dependabot. The main reason is that Dependabot only works with GitHub, so if you ever plan to switch to another platform like GitLab, Renovate is a better pick since it works everywhere. Renovate has been excellent for my UV project.
I use Dependabot for both work and personal UV projects, especially with Poetry, and it's been working smoothly. Just remember to double-check the dependency updates as you would with any dependency PR—it's been pretty reliable for me!
Related Questions
How To: Running Codex CLI on Windows with Azure OpenAI
Set Wordpress Featured Image Using Javascript
How To Fix PHP Random Being The Same
Why no WebP Support with Wordpress
Replace Wordpress Cron With Linux Cron
Customize Yoast Canonical URL Programmatically