Skip to content

Bump frequenz-repo-config from 0.17.0 to 0.18.0 in the repo-config group#195

Merged
llucax merged 3 commits into
v0.x.xfrom
dependabot/pip/repo-config-accf3b6b2f
Jun 3, 2026
Merged

Bump frequenz-repo-config from 0.17.0 to 0.18.0 in the repo-config group#195
llucax merged 3 commits into
v0.x.xfrom
dependabot/pip/repo-config-accf3b6b2f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Bumps the repo-config group with 1 update: frequenz-repo-config.

Updates frequenz-repo-config from 0.17.0 to 0.18.0

Release notes

Sourced from frequenz-repo-config's releases.

v0.18.0

Frequenz Repository Configuration Release Notes

Summary

This release focuses on finishing the automation of dependabot updates, adding more automated upgrade workflows and fixing some problems with the previous release.

Upgrading

Cookiecutter template

All upgrading should be done via the migration script or regenerating the templates.

curl -sSLf https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/<tag>/cookiecutter/migrate.py | python3 -I

New Features

Cookiecutter template

  • The cookiecutter now asks whether a repository is private, defaults that answer from the selected license, and uses it to toggle private-repository workflow behavior, public publishing jobs, and the link to GitHub Discussions in the issue template chooser.
  • All dependencies have been updated in the templates.
  • API projects now ship a dedicated grpc-migration.yaml workflow that runs after Dependabot bumps grpcio/grpcio-tools/protobuf and rewrites the matching runtime >= floors in pyproject.toml.
  • API projects now have a better grpcio/protobuf updates grouping in Dependabot, which should make upgrading easier, and plays nicer with the new grpc-migration.yaml workflow.
  • API projects should now use the new API-specific Protect version branches ruleset variant, which includes the required Fix gRPC/protobuf runtime floors check without affecting non-API Python projects.
  • Workflows using the gh-action-dependabot-migrate are upgraded to the latest version, which avoids unnecessary version iterations.
  • Add an isort-migration.yaml workflow that automatically reorders imports when Dependabot upgrades isort.

Bug Fixes

Cookiecutter template

  • The unused cross-arch QEMU-based testing infrastructure has been removed. The .github/containers/nox-cross-arch/ and .github/containers/test-installation/ directories, as well as the "Cross-Arch Testing" section in CONTRIBUTING.md.
  • Private repositories now are generated with credentials uncommented and the publishing workflows disabled.
  • The issue template chooser (config.yml) no longer includes the contact_links section for private repositories, since GitHub Discussions are typically disabled for them.
  • Normalized the GitHub Action hashes for gh-action-setup-git and gh-action-setup-python-with-deps to point to the actual commit object, which is what Dependabot expects.
  • API projects now configure black with extend-exclude = '^/submodules/' so the formatting check doesn't descend into external git submodules that don't follow our formatting rules.
  • API projects now configure isort with skip_glob = ["submodules/*"] so the import-sorting check doesn't descend into external git submodules that don't follow our rules.
  • CONTRIBUTING.md
    • Fixed the nox example commands in to use the correct tests/ directory instead of the non-existent test/ directory.
    • Fixed the wrong mention to PyPI publishing when releasing for private repositories.

What's Changed

... (truncated)

Commits
  • 9536002 Update template versions and prepare the v0.18.0 release (#590)
  • 0851215 Prepare release notes for v0.18.0
  • bee542d template: Bump dependencies
  • 80402d2 build(deps): bump the compatible group with 2 updates (#589)
  • df8ba24 build(deps): bump the compatible group with 2 updates
  • e5f4e39 Add isort dependabot auto-migration workflow (#585)
  • 3afcb70 Update release notes
  • e86009b Add isort submodules migration step
  • 22be0ee template: Make isort exclude submodules from API projects
  • a459500 isort: Exclude golden tests
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump frequenz-repo-config from 0.17.0 to 0.18.0 in the repo-config group
327894e 
Bumps the repo-config group with 1 update: [frequenz-repo-config](https://github.com/frequenz-floss/frequenz-repo-config-python).


Updates `frequenz-repo-config` from 0.17.0 to 0.18.0
- [Release notes](https://github.com/frequenz-floss/frequenz-repo-config-python/releases)
- [Changelog](https://github.com/frequenz-floss/frequenz-repo-config-python/blob/v0.x.x/RELEASE_NOTES.md)
- [Commits](frequenz-floss/frequenz-repo-config-python@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: frequenz-repo-config
  dependency-version: 0.18.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: repo-config
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels Jun 2, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 2, 2026 19:52
@dependabot dependabot Bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels Jun 2, 2026
@dependabot dependabot Bot requested review from sandovalrr and removed request for a team June 2, 2026 19:52
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions github-actions Bot added tool:repo-config:migration:intervention-pending Migration requires manual intervention tool:repo-config:migration:executed Migration script has been run part:docs Affects the documentation labels Jun 2, 2026
llucax added 2 commits June 3, 2026 15:04
@llucax
Apply migration for repo-config v0.17.0
5b05f79 
========================================================================
Updating generated CI workflows...
  Updated .github/workflows/ci-pr.yaml: updated CI pull-request workflow
  Updated .github/workflows/ci.yaml: updated main CI workflow
========================================================================
Fixing missed CI platform matrix migrations...
  Skipped .github/workflows/ci.yaml: platform matrix migration already fixed
========================================================================
Updating generated Dependabot workflows...
  Updated .github/workflows/auto-dependabot.yaml: updated Dependabot auto-merge workflow
  Updated .github/workflows/repo-config-migration.yaml: updated repo-config migration workflow
========================================================================
Creating black migration workflow...
  Created .github/workflows/black-migration.yaml: black formatting migration workflow
========================================================================
Updating auxiliary GitHub workflows...
  Updated .github/workflows/dco-merge-queue.yml: updated DCO merge queue workflow
  Updated .github/workflows/labeler.yml: updated labeler workflow
  Updated .github/workflows/release-notes-check.yml: updated release notes check workflow
========================================================================

       ✅ Migration script finished successfully ✅

Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
@llucax
Apply migration from 0.17.0 to 0.18.0
64219d9 
=== v0.18.0 =========================================================
Script URL: https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.18.0/cookiecutter/migrate.py

========================================================================
Removing unused cross-arch testing files...
  Removed .github/containers/nox-cross-arch
  Removed .github/containers/test-installation
  Removed empty .github/containers
  Updated CONTRIBUTING.md: removed 'Cross-Arch Testing' section
========================================================================
Updating cookiecutter replay file...
  Updated .cookiecutter-replay.json: added `private_repo=no` replay data
========================================================================
Updating generated CI workflows...
========================================================================
Updating auxiliary GitHub workflows...
  Updated .github/workflows/black-migration.yaml: use explicit Dependabot migration iteration
  Updated .github/workflows/repo-config-migration.yaml: use explicit Dependabot migration iteration
========================================================================
Normalizing GitHub Action hashes...
  Updated .github/workflows/ci-pr.yaml: normalized GitHub Action hashes
  Updated .github/workflows/ci.yaml: normalized GitHub Action hashes
========================================================================
Updating issue template configuration...
  Skipped .github/ISSUE_TEMPLATE/config.yml: already up to date
========================================================================
Setting up the gRPC migration workflow...
  Updated .github/dependabot.yml: replaced old 'grpc' group with grpc-compatible / grpcio-major / protobuf-major; added grpc exclude-patterns to patch
  Updated .github/workflows/auto-dependabot.yaml: skip the new grpc Dependabot groups
  Created .github/workflows/grpc-migration.yaml
  Ruleset 'Protect version branches' already requires the grpc check
========================================================================
Fixing nox test path typo in CONTRIBUTING.md...
  Updated CONTRIBUTING.md: fixed nox 'test/' -> 'tests/' typo
========================================================================
Adjusting CONTRIBUTING.md release section for repo privacy...
  Skipped CONTRIBUTING.md: public repository, no change needed
========================================================================
Excluding submodules from black for API projects...
  Updated pyproject.toml: excluded submodules/ from black via extend-exclude
========================================================================
Setting up the isort migration workflow...
  Created .github/workflows/isort-migration.yaml
  Updated .github/workflows/auto-dependabot.yaml: skip individual isort bump PRs
  Updated .github/dependabot.yml: added 'isort' to exclude-patterns of patch and minor
========================================================================
Excluding submodules from isort for API projects...
  Updated pyproject.toml: added isort skip_glob for submodules/
========================================================================

       ✅ Migration script finished successfully ✅

Signed-off-by: Leandro Lucarella <luca-frequenz@llucax.com>
@llucax llucax force-pushed the dependabot/pip/repo-config-accf3b6b2f branch from 0d1496b to 64219d9 Compare June 3, 2026 13:06
@llucax
Copy link
Copy Markdown
Contributor

llucax commented Jun 3, 2026

Force pushed to include the migration from v0.16.0 to v0.17.0. Dependabot got confused in the previous bump and reported v0.16.0 as the latest version in the previous PR, even when the dependency was bumped to v0.17.0.

Needs approval from someone else.

@llucax llucax removed the tool:repo-config:migration:intervention-pending Migration requires manual intervention label Jun 3, 2026
@github-actions github-actions Bot added the tool:repo-config:migration:intervention-done Manual migration intervention has been completed label Jun 3, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 3, 2026

Repo Config Migration

Manual intervention has been marked as completed.

Because this PR required manual intervention, this action will not auto-approve or auto-merge it. Please review, approve, and merge this PR manually.

@llucax
Copy link
Copy Markdown
Contributor

llucax commented Jun 3, 2026

Actually I will force-merge as the new required gRPC check will not run until this is merged.

@llucax llucax enabled auto-merge June 3, 2026 13:07
@llucax llucax disabled auto-merge June 3, 2026 13:07
@llucax llucax merged commit 0c8cb94 into v0.x.x Jun 3, 2026
12 of 13 checks passed
@llucax llucax deleted the dependabot/pip/repo-config-accf3b6b2f branch June 3, 2026 13:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sandovalrr sandovalrr Awaiting requested review from sandovalrr sandovalrr is a code owner automatically assigned from frequenz-floss/api-team

Assignees

No one assigned

Labels

part:docs Affects the documentation part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) tool:repo-config:migration:executed Migration script has been run tool:repo-config:migration:intervention-done Manual migration intervention has been completed type:tech-debt Improves the project without visible changes for users

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@llucax