{"id":15602739,"url":"https://github.com/renancaraujo/dependabot_gen","last_synced_at":"2025-06-12T19:07:23.866Z","repository":{"id":95874558,"uuid":"551449815","full_name":"renancaraujo/dependabot_gen","owner":"renancaraujo","description":"Dependabot gen is a Dart CLI tool to assist in the creation and maintenance of dependabot.yaml files in a project.","archived":false,"fork":false,"pushed_at":"2025-01-01T02:26:03.000Z","size":167,"stargazers_count":21,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-28T15:51:47.141Z","etag":null,"topics":["automation","code-generation","dependabot"],"latest_commit_sha":null,"homepage":"https://dependabot_gen.pckg.pub","language":"Dart","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/renancaraujo.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-10-14T12:25:36.000Z","updated_at":"2025-03-13T20:45:23.000Z","dependencies_parsed_at":"2024-09-12T00:38:21.979Z","dependency_job_id":"8eb1548c-baf4-4db0-b4ca-932cca76f17e","html_url":"https://github.com/renancaraujo/dependabot_gen","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/renancaraujo/dependabot_gen","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/renancaraujo%2Fdependabot_gen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/renancaraujo%2Fdependabot_gen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/renancaraujo%2Fdependabot_gen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/renancaraujo%2Fdependabot_gen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/renancaraujo","download_url":"https://codeload.github.com/renancaraujo/dependabot_gen/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/renancaraujo%2Fdependabot_gen/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259519862,"owners_count":22870371,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","code-generation","dependabot"],"created_at":"2024-10-03T02:51:28.383Z","updated_at":"2025-06-12T19:07:23.831Z","avatar_url":"https://github.com/renancaraujo.png","language":"Dart","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n## dependabot_gen\n\n\n![coverage][coverage_badge]\n[![License: BSD-3][license_badge]][license_link]\n[![pub package][pub_badge]][pub_link]\n\n\nKeep your dependabot.yaml up to date.\n\n![thumbnail](https://raw.githubusercontent.com/renancaraujo/dependabot_gen/main/doc/thumbnail.jpg)\n\n---\n\nDependabot_gen is a [Dart CLI](https://dart.dev/tutorials/server/cmdline) tool to assist in the creation and maintenance of `dependabot.yaml` files in a project.\n\nIt aims to create, validate, and maintain such files.\n\n\n### Why? 🤨\n\nThe life of an OSS maintainer is often plagued with repetitive and boring tasks. That is why some of us are obsessed with automation. One of such task is to keep a project's dependencies up to date, entering [dependabot](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file). \n\nDependabot does a heck of a job automating the process of monitoring and updating dependencies. But (there's always a but) it introduces a new task: keep the `dependabot.yaml` up to date, with the correct configurations, pointing to the correct paths within the project. \n\n- What if you move a project within the repo and forget to update that `dependabot.yaml` file?\n- What if I have a mono repo and there are a ton of projects inside and I want to create a brand new `dependabot.yaml`?\n- What if I wanna make sure the packages in the `dependabot.yaml` covers all the different package ecosystems I use?\n\n\nWell, in all of those cases, you are dead. Or the equivalent of that: you have to do manual work.\n\n\nWe need automation to automate that automation. That's why this exists.\n\n\n## Getting Started 🚀\n\nSince this is a Dart CLI, you will need some of the sweet sweet Dart SDK installed. See here how, and a GitHub action for that.\n\nTo make it available globally, activate it:\n\n```sh\ndart pub global activate dependabot_gen\n```\n\n\u003e Or locally via:\n```sh\ndart pub global activate --source=path \u003cpath to this package\u003e\n```\n\n## Usage 🤖\n\nAfter activation, make sure the dart cache is on your path. \nif so you can run:\n\n```sh\n$ depgen --help\n\n# or if you don't have the dart cache in your path\n\n$ dart pub global run dependabot_gen --help\n```\n\n### `create` command\n\nThis command will search for packages to be covered by the repos `dependabot.yaml`. If a `dependabot.yaml` already exists, it will keep the existing valid entries and remove the invalid ones (outdated).\n\nExamples:\n```shell\n$ depgen create \n\n# Only consider some package ecosystems, and also ignore some paths for package verification.\n$ depgen create --ecosystems cargo,pub,npm --ignore-paths test/fixtures\n\n# Sets \"some/path\" as repository root and creates update entries with \"monthly\" schedules.\n# Also sets the output to verbose.\n$ depgen create --repo-root some/path --schedule-interval monthly --verbose\n\n# See what else is available\n$ depgen create --help\n```\n\n\n### `diagnose` command\n\nThis is mostly just like `create`, except it is a \"dry-run\", which means it will not create nor modify any files and will return a non-success code if it encounters anything that should be changed. It's ideal to run on CI.\n\nExamples:\n```shell\n$ depgen diagnose\n\n\n# Only consider some package ecosystems, and also ignore some paths for package verification.\n$ depgen diagnose --ecosystems cargo,pub,npm --ignore-paths test/fixtures\n\n\n# See what else is available\n$ depgen diagnose --help\n```\n\n[coverage_badge]: coverage_badge.svg\n[license_badge]: https://img.shields.io/badge/license-BSD-blue.svg\n[license_link]: https://opensource.org/license/bsd-3-clause/\n[pub_link]: https://dependabot_gen.pckg.pub\n[pub_badge]: https://img.shields.io/pub/v/dependabot_gen.svg\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frenancaraujo%2Fdependabot_gen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frenancaraujo%2Fdependabot_gen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frenancaraujo%2Fdependabot_gen/lists"}