[llvm] Hashpin sensitive dependencies and configure dependabot to update them automatically (PR #75859)
Aiden Grossman via llvm-commits
llvm-commits at lists.llvm.org
Fri Dec 22 17:18:13 PST 2023
https://github.com/boomanaiden154 commented:
No major issues on my end. Others have already pointed out other scripts/CI jobs using different `requirements.txt` files.
Most of my experience with dependabot is it being slightly worse than useless, but we can try it out for a bit and see how it does with these scripts. It would probably be a lot easier if we had good integration/unit testing for them, but that's hard to do with CI.
https://github.com/llvm/llvm-project/pull/75859
More information about the llvm-commits
mailing list