We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
2 parents 83375b8 + fec0d50 commit 3ccdeb6Copy full SHA for 3ccdeb6
1 file changed
.github/dependabot.yml
@@ -148,6 +148,10 @@ updates:
148
day: "monday"
149
cooldown:
150
default-days: 14
151
+ # Keep lower bounds (e.g. Flask>=1.0.4 in install.txt) low: only raise a
152
+ # floor when the latest release is incompatible with the current range.
153
+ # Exact (==) pins in ci/dev/testing still update as normal.
154
+ versioning-strategy: increase-if-necessary
155
groups:
156
pip-dependencies:
157
applies-to: version-updates
@@ -157,3 +161,8 @@ updates:
161
applies-to: security-updates
158
162
patterns:
159
163
- "*"
164
+ # jupyterlab is pinned <4.0.0: jupyterlab 4.x ships jlpm as Yarn Berry, which
165
+ # cannot consume @plotly/dash-jupyterlab's Yarn 1 lockfile and breaks the build.
166
+ ignore:
167
+ - dependency-name: "jupyterlab"
168
+ versions: [">=4.0.0"]
0 commit comments