chore(deps): bump python from c24c34b to 15bad98
#206
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps python from `c24c34b` to `15bad98`. --- updated-dependencies: - dependency-name: python dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
This fixes dependency issue we're having. We may want to pin it for safety. Git-all includes UI stuff that I don't think we need. Signed-off-by: jmeridth <[email protected]>
Dockerfile
Outdated
| @@ -17,7 +17,7 @@ COPY requirements.txt stale_repos.py /action/workspace/ | |||
|
|
|||
| RUN python3 -m pip install --no-cache-dir -r requirements.txt \ | |||
| && apt-get -y update \ | |||
| && apt-get -y install --no-install-recommends git-all=1:2.39.2-1.1 \ | |||
| && apt-get -y install --no-install-recommends git \ | |||
There was a problem hiding this comment.
@zkoppert this was my fix to get builds to pass. I imagine we'd want to pin We need to pin the Git version (on it) but I don't think we need git butgit-all. Do you know why we might need that? github/contributors PRs experiencing same issue. I imagine the others will also.
There was a problem hiding this comment.
Thanks for fixing this!
Looking at the dependencies of git-all I don't see any need for anything other than the git package for what we are doing. A GUI or git-docs for example are not needed in the docker container.
Feel free to make those changes across all of our actions too.
|
Yep. Need to pin Update: pinned version is |
ran locally and changed Dockerfile from
```
CMD ["/action/workspace/stale_repos.py"]
ENTRYPOINT ["python3", "-u"]
```
to
```
ENTRYPOINT ["dpkg", "-l", "git"]
```
and then ran
`docker run -it --rm --name debug $(docker images --format "{{.ID}} {{.CreatedAt}}" | sort -rk 2 | awk 'NR==1{print $1}') -- /bin/sh`
to echo out the git version installed
`docker images --format "{{.ID}} {{.CreatedAt}}" | sort -rk 2 | awk 'NR==1{print $1}` gets the last image id created after sorting list by creation date
Signed-off-by: jmeridth <[email protected]>
|
@zkoppert if there is a reason we need |
Bumps python from
c24c34bto15bad98.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)