this post was submitted on 05 Sep 2024
7 points (100.0% liked)

General Programming Discussion

7728 readers
17 users here now

A general programming discussion community.

Rules:

  1. Be civil.
  2. Please start discussions that spark conversation

Other communities

Systems

Functional Programming

Also related

founded 5 years ago
MODERATORS
Restioson@lemmy.ml
Cloak@lemmy.ml
7
Dependabot alternatives for non-github hosts? (lemmy.dbzer0.com)
submitted 3 weeks ago* (last edited 3 weeks ago) by Ghoelian@lemmy.dbzer0.com to c/programming@lemmy.ml
3 comments fedilink hide all child comments
 

I'm really bad at keeping my dependencies up-to-date manually, so dependabot was great for me. I don't use github anymore though, and I haven't really been able to find a good alternative.

I found Snyk, which seems to do that, but they only allow logging in with 3rd party providers which I'm not a big fan of.

Edit: seems like Snyk also only supports a few git hosts, and Codeberg isn't one of them.

top 3 comments
sorted by: hot top controversial new old
[–] taaz@biglemmowski.win 5 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Afaik you can self-host the Renovate bot, though don't remember if it's fully open source & self-contained.

[–] Ghoelian@lemmy.dbzer0.com 5 points 3 weeks ago

Nice, that looks promising! I'll have to look into it a bit more.

[–] GammaGames@beehaw.org 1 points 3 weeks ago* (last edited 3 weeks ago)

Been using Renovate a few months now. On large repos it can take a while to run (the git api is slow for certain pages when comparing commits), but it does seem to work well! It’s even got CVE notifications