Skip to content

Commit a4f7bcf

Browse files
committed
chore: rename legacy manifests to .archive so dependabot stops rescanning
Even with `.github/dependabot.yml` scoping `pip` to `/`, Dependabot's pip ecosystem auto-discovered `legacy/requirements.txt` and opened 10 bump PRs for archived 2022 dependencies (PRs #33–42, all closed today). The cleanest off-switch for that auto-discovery is renaming the manifest files so they no longer match Dependabot's filename patterns: legacy/requirements.txt → legacy/requirements.txt.archive legacy/utils/google_app_engine/additional_requirements.txt → legacy/utils/google_app_engine/additional_requirements.txt.archive legacy/utils/google_app_engine/Dockerfile → legacy/utils/google_app_engine/Dockerfile.archive The files' contents are unchanged — readers (or future archeologists) can still see what the 2022 pipeline depended on. They just aren't treated as live manifests anymore.
1 parent 21b7c3c commit a4f7bcf

3 files changed

File tree

File renamed without changes.

legacy/utils/google_app_engine/additional_requirements.txt renamed to legacy/utils/google_app_engine/additional_requirements.txt.archive

File renamed without changes.

0 commit comments

Comments
 (0)