From 29049df7e40e8183f9d84880beadd1b55fcab879 Mon Sep 17 00:00:00 2001 From: Ivan Shvedunov Date: Fri, 7 Jun 2024 21:12:30 +0000 Subject: [PATCH] Make dependabot ignore libp2p libs (#6018) ## Motivation libp2p/go-libp2p#2793 broke observed address handling and consequently routing discovery mechanism, too. This is not the first time we're having problems because of (semi-)automatic libp2p dependency updates. Prerequisite for re-enabling automatic updates of libp2p libs: QUIC and routing discovery systests --- .github/dependabot.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1403a7f09d..e5e4eba083 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,6 +4,12 @@ updates: directory: "/" schedule: interval: "daily" + ignore: + # Following cutting edge releases of libp2p is risky. + # Latest problem fixed here: https://github.com/libp2p/go-libp2p/pull/2825 + # We need QUIC and routing discovery systest cases before we can re-enable + # dependabot for libp2p + - dependency-name: github.com/libp2p/* - package-ecosystem: "github-actions" directory: "/"