This repo contains two scripts that demonstrates Dependabot Core. It is intended to give you a feel for how Dependabot Core works so that you can use it in your own project.

If you're looking for a hosted, feature-rich dependency updater then you probably want Dependabot itself.

• bundle install
• Optional step for some langauges (for other languages no setup is needed):
  • JS: cd "$(bundle show dependabot-npm_and_yarn)/helpers" && ./build install-dir/npm_and_yarn && cd -
  • Python: cd "$(bundle show dependabot-python)/helpers" && pyenv exec pip install -r requirements.txt && pyenv local 2.7.15 && pyenv exec pip install -r requirements.txt && pyenv local --unset && cd -
  • PHP: cd "$(bundle show dependabot-composer)/helpers" && composer install && cd -
  • Elixir: cd "$(bundle show dependabot-hex)/helpers" && mix deps.get && cd -
• bundle exec irb
• Edit the variables at the top of the script you're using, or set the corresponding environment variables.
• Copy and paste the script into the Ruby session to see how Dependabot works.

If you run into any trouble with the above please create an issue!

• Clone or mirror this repository.
• Copy .gitlab-ci.example.yml to .gitlab-ci.yml or set a custom CI config path for direct usage.
• Set the required global variables used in ./generic-update-script.rb.
• Create a pipeline schedule for each managed repository.
• Set in the schedule the required variables:
  • PROJECT_PATH: group/repository
  • PACKAGE_MANAGER_SET: bundler,composer,npm_and_yarn

• Single dependency update script
• GitLab/GHE update script