-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: Update weekly-poetry-bot.yml
#1507
Conversation
Reviewer's Guide by SourceryThis pull request updates the weekly-poetry-bot workflow to run every hour instead of weekly, and modifies the pull request creation process to use the GitHub CLI instead of an action. It also updates the GitHub token used for creating and merging pull requests. File-Level Changes
Tips
|
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @Anselmoo - I've reviewed your changes and found some issues that need to be addressed.
Blocking issues:
- Reconsider the frequency of dependency updates (link)
Overall Comments:
- The cron schedule has been changed from weekly to hourly. While this is noted as being for testing purposes, please ensure this is reverted before merging to production to avoid potential issues with excessive bot runs.
- The authentication method has been changed from using the default GITHUB_TOKEN to a custom auto_changelog secret. Please confirm that this new token has the necessary permissions and doesn't introduce any security risks.
Here's what I looked at during the review
- 🔴 General issues: 1 blocking issue
- 🟢 Security: all looks good
- 🟢 Testing: all looks good
- 🟢 Complexity: all looks good
- 🟢 Documentation: all looks good
Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.
@@ -2,7 +2,8 @@ name: Weekly Poetry Update | |||
|
|||
on: | |||
schedule: | |||
- cron: '0 0 * * 0' # Runs every Sunday at midnight | |||
# - cron: '0 0 * * 0' # Runs every Sunday at midnight | |||
- cron: '0 * * * *' # Runs every hour |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
issue (performance): Reconsider the frequency of dependency updates
The cron schedule has been changed from weekly to hourly. This seems excessive for a dependency update task and could lead to unnecessary resource consumption and potential API rate limiting issues. Consider reverting to a less frequent schedule, such as weekly or daily, unless there's a specific reason for hourly updates.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1507 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 44 44
Lines 4466 4466
=========================================
Hits 4466 4466
Flags with carried forward coverage won't be shown. Click here to find out more. |
This pull request includes two commits. The first commit updates the schedule of the weekly-poetry-bot workflow to run every hour instead of every Sunday at midnight; just for testing
Summary by Sourcery
Modify the weekly-poetry-bot CI workflow to run hourly and switch to using the GitHub CLI for creating pull requests.
CI: