Hi Sebb, On 31.10.2025 18:36, sebb wrote: > Updating dependencies every week is overkill, and can result in > multiple updates of the same plugin between releases. > > I think we should try quarterly updates, and see if there are any issues.
I agree. - If we keep using single Dependabot PRs (which can occasionally update multiple artifacts when a BOM or Maven property changes), then `quarterly` updates sound reasonable. - If we decide to group updates by category: for example, GitHub Actions, Maven production, build, and testing dependencies, then a `monthly` schedule might also work. On my side, I’ll work on moving as many non-runtime dependencies as possible (such as GitHub Actions and Maven plugins) to `commons-parent`, since these account for the majority of Dependabot upgrades in practice. Piotr --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
