Is your feature request related to a use case or problem?
Currently, Dependabot informs us when there are updates to Python dependencies. However, Dependabot is not sophisticated enough to run dev_utils/requirements/create-env-files.sh.
What solution or approach do you envision?
If Dependabot doesn't support the definition of an explicit command to run, we will probably have to write a GitHub Actions workflow to do it. The workflow should not automatically update dependencies; instead, it should do it under human control. One possibility may be to have it detect merge events of Dependabot PRs to certain files; since PR merges are initiated by maintainers, this may be a sufficient signal to indicate that pip-compile should be re-run.
How urgent is this for you?
P2 – not urgent, but worth doing eventually
Is your feature request related to a use case or problem?
Currently, Dependabot informs us when there are updates to Python dependencies. However, Dependabot is not sophisticated enough to run
dev_utils/requirements/create-env-files.sh.What solution or approach do you envision?
If Dependabot doesn't support the definition of an explicit command to run, we will probably have to write a GitHub Actions workflow to do it. The workflow should not automatically update dependencies; instead, it should do it under human control. One possibility may be to have it detect merge events of Dependabot PRs to certain files; since PR merges are initiated by maintainers, this may be a sufficient signal to indicate that pip-compile should be re-run.
How urgent is this for you?
P2 – not urgent, but worth doing eventually