Skip to content

Ignore ESM-only and VS Code engine-coupled major bumps in Dependabot#1961

Merged
rugpanov merged 1 commit into
mainfrom
chore/dependabot-ignore-esm-vscode
Jul 3, 2026
Merged

Ignore ESM-only and VS Code engine-coupled major bumps in Dependabot#1961
rugpanov merged 1 commit into
mainfrom
chore/dependabot-ignore-esm-vscode

Conversation

@rugpanov

@rugpanov rugpanov commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Why

Several Dependabot major-version PRs are blocked on prerequisite work and aren't ready to merge. Left as open PRs (or closed), Dependabot keeps re-raising them under new version numbers. Scoped ignore rules park them until the prerequisite work is done — keeping the PR queue clean without losing the rationale.

This directly answers "if I close these, will the bot reopen them?" — yes, under new versions, unless we add these ignore rules.

What

In .github/dependabot.yml, add ignore rules (scoped to the packages that declare each dep):

ESM-only majors — blocked until the build/test tooling migrates off ts-node (CommonJS) to an ESM runner (tsx):

VS Code engine-coupled@types/vscode must track engines.vscode (^1.86.0); bump both together only when the minimum supported VS Code is deliberately raised (see #1933):

  • @types/vscode >=1.87 (in both /packages/databricks-vscode and /packages/databricks-vscode-types)

Each rule carries an inline comment pointing to its tracking PR and unblock condition, so the ignore can be removed intentionally later.

Verification

  • .github/dependabot.yml parses as valid YAML; ignore rules confirmed on both affected directory entries.

Backward compatibility: dependency-automation config only; no runtime, API, or build-output change.

Once this merges, PRs #1932 / #1933 / #1934 can be closed without Dependabot re-raising those major lines. (#1931 typescript and #1935 eslint are not ignored — those aren't version-availability issues, they're migrations we may still want prompts for.)

This pull request and its description were written by Isaac.

*Why*
Several Dependabot major-version PRs are blocked on prerequisite work, not ready
to merge, and will otherwise be re-raised repeatedly under new version numbers.
Adding scoped `ignore` rules parks them until the prerequisite work is done,
keeping the PR queue clean without losing the "why".

*What*
In `.github/dependabot.yml`, ignore the following (scoped to the packages that
declare them):
- ESM-only majors, blocked until the build/test tooling migrates off ts-node
  (CommonJS) to an ESM runner (tsx): `yargs >=18`, `chai >=5`, `@types/chai >=5`
  (see PRs #1934, #1932).
- `@types/vscode >=1.87`: it must track `engines.vscode` (^1.86.0); the two
  should be bumped together only when the minimum supported VS Code version is
  deliberately raised (see PR #1933).

Each rule has an inline comment pointing to the tracking PR and the unblock
condition, so the ignore can be removed intentionally later.

*Verification*
- `.github/dependabot.yml` parses as valid YAML; ignore rules confirmed applied
  to `/packages/databricks-vscode` (yargs, chai, @types/chai, @types/vscode) and
  `/packages/databricks-vscode-types` (@types/vscode).

Backward compatibility: CI/dependency-automation config only; no runtime, API, or
build-output change.

Co-authored-by: Isaac
@rugpanov rugpanov temporarily deployed to test-trigger-is July 3, 2026 13:49 — with GitHub Actions Inactive
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger:
go/deco-tests-run/vscode

Inputs:

  • PR number: 1961
  • Commit SHA: 1231119b7a80deff9b51ca51e1e7457d42bb2697

Checks will be approved automatically on success.

@rugpanov

rugpanov commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

🤖 Integration tests ❌ 6 of 35 test jobs failed for 1231119b (29 passed).
View run

@rugpanov rugpanov merged commit d4b8d6d into main Jul 3, 2026
6 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants