Skip to content

chore(deps-dev): bump frequenz-repo-config from 0.16.0 to 0.18.0 in the repo-config group across 1 directory#99

Open
dependabot[bot] wants to merge 3 commits into
v0.x.xfrom
dependabot/pip/repo-config-2fa2ea805a
Open

chore(deps-dev): bump frequenz-repo-config from 0.16.0 to 0.18.0 in the repo-config group across 1 directory#99
dependabot[bot] wants to merge 3 commits into
v0.x.xfrom
dependabot/pip/repo-config-2fa2ea805a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the repo-config group with 1 update in the / directory: frequenz-repo-config.

Updates frequenz-repo-config from 0.16.0 to 0.18.0

Release notes

Sourced from frequenz-repo-config's releases.

v0.18.0

Frequenz Repository Configuration Release Notes

Summary

This release focuses on finishing the automation of dependabot updates, adding more automated upgrade workflows and fixing some problems with the previous release.

Upgrading

Cookiecutter template

All upgrading should be done via the migration script or regenerating the templates.

curl -sSLf https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/<tag>/cookiecutter/migrate.py | python3 -I

New Features

Cookiecutter template

  • The cookiecutter now asks whether a repository is private, defaults that answer from the selected license, and uses it to toggle private-repository workflow behavior, public publishing jobs, and the link to GitHub Discussions in the issue template chooser.
  • All dependencies have been updated in the templates.
  • API projects now ship a dedicated grpc-migration.yaml workflow that runs after Dependabot bumps grpcio/grpcio-tools/protobuf and rewrites the matching runtime >= floors in pyproject.toml.
  • API projects now have a better grpcio/protobuf updates grouping in Dependabot, which should make upgrading easier, and plays nicer with the new grpc-migration.yaml workflow.
  • API projects should now use the new API-specific Protect version branches ruleset variant, which includes the required Fix gRPC/protobuf runtime floors check without affecting non-API Python projects.
  • Workflows using the gh-action-dependabot-migrate are upgraded to the latest version, which avoids unnecessary version iterations.
  • Add an isort-migration.yaml workflow that automatically reorders imports when Dependabot upgrades isort.

Bug Fixes

Cookiecutter template

  • The unused cross-arch QEMU-based testing infrastructure has been removed. The .github/containers/nox-cross-arch/ and .github/containers/test-installation/ directories, as well as the "Cross-Arch Testing" section in CONTRIBUTING.md.
  • Private repositories now are generated with credentials uncommented and the publishing workflows disabled.
  • The issue template chooser (config.yml) no longer includes the contact_links section for private repositories, since GitHub Discussions are typically disabled for them.
  • Normalized the GitHub Action hashes for gh-action-setup-git and gh-action-setup-python-with-deps to point to the actual commit object, which is what Dependabot expects.
  • API projects now configure black with extend-exclude = '^/submodules/' so the formatting check doesn't descend into external git submodules that don't follow our formatting rules.
  • API projects now configure isort with skip_glob = ["submodules/*"] so the import-sorting check doesn't descend into external git submodules that don't follow our rules.
  • CONTRIBUTING.md
    • Fixed the nox example commands in to use the correct tests/ directory instead of the non-existent test/ directory.
    • Fixed the wrong mention to PyPI publishing when releasing for private repositories.

What's Changed

... (truncated)

Commits
  • 9536002 Update template versions and prepare the v0.18.0 release (#590)
  • 0851215 Prepare release notes for v0.18.0
  • bee542d template: Bump dependencies
  • 80402d2 build(deps): bump the compatible group with 2 updates (#589)
  • df8ba24 build(deps): bump the compatible group with 2 updates
  • e5f4e39 Add isort dependabot auto-migration workflow (#585)
  • 3afcb70 Update release notes
  • e86009b Add isort submodules migration step
  • 22be0ee template: Make isort exclude submodules from API projects
  • a459500 isort: Exclude golden tests
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels Apr 2, 2026
@dependabot
dependabot Bot requested review from a team as code owners April 2, 2026 02:35
@dependabot
dependabot Bot requested review from ela-kotulska-frequenz and removed request for a team April 2, 2026 02:35
@github-actions

This comment was marked as outdated.

@github-actions github-actions Bot added the tool:repo-config:migration:executed Migration script has been run label Apr 2, 2026
@llucax

llucax commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

@dependabot recreate

Bumps the repo-config group with 1 update in the / directory: [frequenz-repo-config](https://github.com/frequenz-floss/frequenz-repo-config-python).


Updates `frequenz-repo-config` from 0.16.0 to 0.18.0
- [Release notes](https://github.com/frequenz-floss/frequenz-repo-config-python/releases)
- [Changelog](https://github.com/frequenz-floss/frequenz-repo-config-python/blob/v0.x.x/RELEASE_NOTES.md)
- [Commits](frequenz-floss/frequenz-repo-config-python@v0.16.0...v0.18.0)

---
updated-dependencies:
- dependency-name: frequenz-repo-config
  dependency-version: 0.17.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: repo-config
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps-dev): bump frequenz-repo-config from 0.16.0 to 0.17.0 in the repo-config group chore(deps-dev): bump frequenz-repo-config from 0.16.0 to 0.18.0 in the repo-config group across 1 directory Jul 17, 2026
@dependabot
dependabot Bot force-pushed the dependabot/pip/repo-config-2fa2ea805a branch from 2c1c9d3 to 768c40c Compare July 17, 2026 12:44
@github-actions github-actions Bot removed the tool:repo-config:migration:executed Migration script has been run label Jul 17, 2026
=== v0.17.0 =========================================================
Script URL: https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.17.0/cookiecutter/migrate.py

========================================================================
Updating generated CI workflows...
  Updated .github/workflows/ci-pr.yaml: updated CI pull-request workflow
  Updated .github/workflows/ci.yaml: updated main CI workflow
========================================================================
Fixing missed CI platform matrix migrations...
  Skipped .github/workflows/ci.yaml: platform matrix migration already fixed
========================================================================
Updating generated Dependabot workflows...
  Updated .github/workflows/auto-dependabot.yaml: updated Dependabot auto-merge workflow
  Updated .github/workflows/repo-config-migration.yaml: updated repo-config migration workflow
========================================================================
Creating black migration workflow...
  Created .github/workflows/black-migration.yaml: black formatting migration workflow
========================================================================
Updating auxiliary GitHub workflows...
  Updated .github/workflows/dco-merge-queue.yml: updated DCO merge queue workflow
  Updated .github/workflows/labeler.yml: updated labeler workflow
  Updated .github/workflows/release-notes-check.yml: updated release notes check workflow
========================================================================

       ✅ Migration script finished successfully ✅



The migration completed successfully.

Applied-by: frequenz-floss/gh-action-dependabot-migrate
@github-actions

Copy link
Copy Markdown
Contributor

Repo Config Migration

Update: 0.16.0 → 0.17.0

✅ Migration completed successfully.

Migration output
=== v0.17.0 =========================================================
Script URL: https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.17.0/cookiecutter/migrate.py

========================================================================
Updating generated CI workflows...
  Updated .github/workflows/ci-pr.yaml: updated CI pull-request workflow
  Updated .github/workflows/ci.yaml: updated main CI workflow
========================================================================
Fixing missed CI platform matrix migrations...
  Skipped .github/workflows/ci.yaml: platform matrix migration already fixed
========================================================================
Updating generated Dependabot workflows...
  Updated .github/workflows/auto-dependabot.yaml: updated Dependabot auto-merge workflow
  Updated .github/workflows/repo-config-migration.yaml: updated repo-config migration workflow
========================================================================
Creating black migration workflow...
  Created .github/workflows/black-migration.yaml: black formatting migration workflow
========================================================================
Updating auxiliary GitHub workflows...
  Updated .github/workflows/dco-merge-queue.yml: updated DCO merge queue workflow
  Updated .github/workflows/labeler.yml: updated labeler workflow
  Updated .github/workflows/release-notes-check.yml: updated release notes check workflow
========================================================================

       ✅ Migration script finished successfully ✅


Next step

Migration changes were committed and auto-merge-on-changes is disabled. Please review, approve, and merge this PR manually.

Note

If this PR needs rebasing later, comment @dependabot recreate on the PR.
This discards any current PR changes. Dependabot will regenerate the PR from the current base, and this action will detect that the migration commit is gone and re-run the migration on the recreated commit.


📋 Full migration logs

@github-actions github-actions Bot added the tool:repo-config:migration:executed Migration script has been run label Jul 17, 2026
@llucax

llucax commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Damn. When a PR to update to an older version is reused by dependabot with a newer version, it seems like the dependabot metadata action gets confused and resolves to the old version, not the new one, so we are only migrating to v0.17 instead of v0.18. Will fix manually for now.

@llucax

llucax commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
@llucax
llucax requested review from eduardiazf and sandovalrr July 17, 2026 12:55
@github-actions github-actions Bot added the part:docs Affects the documentation label Jul 17, 2026
@llucax
llucax enabled auto-merge July 17, 2026 12:55
@llucax

llucax commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Done, needs approval from someone else now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

part:docs Affects the documentation part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) tool:repo-config:migration:executed Migration script has been run type:tech-debt Improves the project without visible changes for users

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant