Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Organization-wide registries configuration in .github/dependabot.yml #3360

Open
AdamVig opened this issue Mar 25, 2021 · 16 comments
Open

Organization-wide registries configuration in .github/dependabot.yml #3360

AdamVig opened this issue Mar 25, 2021 · 16 comments
Labels
F: configuration-file F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. Keep Exempt this from being marked by stalebot T: feature-request Requests for new features

Comments

@AdamVig
Copy link

AdamVig commented Mar 25, 2021

To use Dependabot's support for private registries, it looks like we have to configure the registries option in dependabot.yml for every repository in our organization.

It would be nice if we could share this configuration across the entire organization by in our .github repository. Based on #1530 (comment), it seems this was planned:

When we support private registries in GitHub-native Dependabot, we will support organization-level configuration of private repositories.

I couldn't find any mention of this feature in the GitHub documentation. Is this already supported? If not, is this a feature that the team plans to implement?

@AdamVig AdamVig added the T: feature-request Requests for new features label Mar 25, 2021
@feelepxyz
Copy link
Contributor

@AdamVig agreed! We're hoping to support this pattern and built the current implementation with that in mind. It will be some time before we get to it but we're planning to support it.

@asciimike asciimike added the F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. label Apr 12, 2021
@asciimike
Copy link
Contributor

See #3312 for another request for this.

@AraHaan
Copy link

AraHaan commented Apr 12, 2021

Wait we can store workflows organization wide inside of a repository named .github with a workflows subdirectory inside it?

I did not know that one 👀.

I would do that with repository templates that I have them share the same files over and over (unless I want a specific repository to add specific task to a job that is in the organization level workflow.

feelepxyz added a commit that referenced this issue Jul 15, 2021
* [`013f0262d`](npm/cli@013f026)
  [#3469](npm/cli#3469)
  fix(exitHandler): write code to logfile
  ([@wraithgar](/~https://github.com/wraithgar))
* [`0dd0341ac`](npm/cli@0dd0341)
  [#3474](npm/cli#3474)
  fix(ping): make "npm ping" echo a right time
  ([@aluneed](/~https://github.com/aluneed))
* [`d2e298f3c`](npm/cli@d2e298f)
  [#3484](npm/cli#3484)
  fix(deprecate): add undeprecate support
  ([@wraithgar](/~https://github.com/wraithgar))

  ### DOCUMENTATION

* [`9dd32d08e`](npm/cli@9dd32d0)
  [#3485](npm/cli#3485)
  fix(docs): remove npm package config override
  ([@wraithgar](/~https://github.com/wraithgar))
* [`a4e095618`](npm/cli@a4e0956)
  [#3486](npm/cli#3486)
  fix(docs): remove .hooks scripts
  ([@wraithgar](/~https://github.com/wraithgar))

* [`5f8ccccef`](npm/cli@5f8cccc)
  [#3483](npm/cli#3483)
  chore(tests): clean snapshot for lib/view.js tests
  ([@wraithgar](/~https://github.com/wraithgar))

* [`23ce3af19`](npm/cli@23ce3af)
  [#3460](npm/cli#3460)
  feat(ls): report *why* something is invalid
  ([@isaacs](/~https://github.com/isaacs))

* [`53f81af31`](npm/cli@53f81af)
  [#3450](npm/cli#3450)
  fix(docs): Improve phrasing of workspace example
  ([@lumaxis](/~https://github.com/lumaxis))
* [`78da60ffe`](npm/cli@78da60f)
  [#3454](npm/cli#3454)
  chore(linting): add bin and clean up lib/ls.js
* [`54eae3063`](npm/cli@54eae30)
  [#3416](npm/cli#3416)
  chore(errorHandler): rename to exit handler
  ([@wraithgar](/~https://github.com/wraithgar))
* [`d0f50b156`](npm/cli@d0f50b1)
  [#3451](npm/cli#3451)
  chore(refactor): async npm.load
  ([@wraithgar](/~https://github.com/wraithgar))
* [`87f67d9ef`](npm/cli@87f67d9)
  [#3458](npm/cli#3458)
  chore(tests): expose real mock npm object
  ([@wraithgar](/~https://github.com/wraithgar))
* [`f3dce0917`](npm/cli@f3dce09)
  [#3459](npm/cli#3459)
  chore(config): snapshot config descriptions
  ([@wraithgar](/~https://github.com/wraithgar))
* [`6254b6f72`](npm/cli@6254b6f)
  [#3234](npm/cli#3234)
  [#3455](npm/cli#3455)
  @npmcli/package-json refactor
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`fe4138381`](npm/cli@fe41383)
  `@npmcli/arborist@2.6.4`:
  * bin: allow turning off timer display with --timers=false
  * fix: do not try to inflate a fresh lockfile
  * fix(diff): walk target children if root is a link
  * chore: @npmcli/package-json refactor

* [`fce30e423`](npm/cli@fce30e4)
  [#3435](npm/cli#3435)
  fix(docs): rebuild config docs
  ([@wraithgar](/~https://github.com/wraithgar))

* [`ae285b391`](npm/cli@ae285b3)
  [#3408](npm/cli#3408)
  feat(ls): support `--package-lock-only` flag
  ([@G-Rath](/~https://github.com/G-Rath))
* [`c984fb59c`](npm/cli@c984fb5)
  [#3420](npm/cli#3420)
  feat(pack): add pack-destination config
  ([@wraithgar](/~https://github.com/wraithgar))

* [`40829ec40`](npm/cli@40829ec)
  [#2554](npm/cli#2554)
  [#3399](npm/cli#3399)
  fix(link): do not prune packages
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`102d4e6fb`](npm/cli@102d4e6)
  [#3417](npm/cli#3417)
  fix(workspaces): explicitly error in global mode
  ([@wraithgar](/~https://github.com/wraithgar))
* [`993df3041`](npm/cli@993df30)
  [#3423](npm/cli#3423)
  fix(docs): ls command usage instructions
  ([@gurdiga](/~https://github.com/gurdiga))
* [`dcc13662c`](npm/cli@dcc1366)
  [#3418](npm/cli#3418)
  fix(config): update link definition
  ([@wraithgar](/~https://github.com/wraithgar))
* [`b19e56c2e`](npm/cli@b19e56c)
  [#3382](npm/cli#3382)
  [#3429](npm/cli#3429)
  fix(ls): respect prod config for workspaces
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`c99b8b53c`](npm/cli@c99b8b5)
  [#3430](npm/cli#3430)
  fix(config): add flatOptions.npxCache
  ([@wraithgar](/~https://github.com/wraithgar))
* [`e5abf2a21`](npm/cli@e5abf2a)
  [#3386](npm/cli#3386)
  chore(libnpmdiff): added as workspace
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`c6a8734d7`](npm/cli@c6a8734)
  [#3388](npm/cli#3388)
  chore(refactor): finish passing npm context
  ([@wraithgar](/~https://github.com/wraithgar))
* [`d16ee452a`](npm/cli@d16ee45)
  [#3426](npm/cli#3426)
  chore(tests): use path.resolve
  ([@wraithgar](/~https://github.com/wraithgar))

* [`6b951c042`](npm/cli@6b951c0)
  `libnpmversion@1.2.1`:
    * fix(retrieve-tag): pass match in a way git accepts
* [`de820a021`](npm/cli@de820a0)
  `npm-package-arg@8.1.5`:
  * fix: Make file: URLs (mostly) RFC 8909 compliant
* [`16a95c647`](npm/cli@16a95c6)
  `@npmcli/arborist@2.6.3`:
    * fix(inventory) handle old and british forms of 'license'
    * fix: removes [_complete] check to apply correct metadata
    * ensure node.fsParent is not set to node itself
    * fix extraneous deps on load-actual
* [`d341bd86c`](npm/cli@d341bd8)
  `make-fetch-happen@9.0.3`:
    * fix: implement cache modes correctly
* [`c90612cf5`](npm/cli@c90612c)
  `libnpmexec@2.0.0`:
    * use new npxCache option

* [`ef668ab57`](npm/cli@ef668ab)
  [#3368](npm/cli#3368)
  feat(diff): add workspace support
  ([@wraithgar](/~https://github.com/wraithgar))

* [`26d00c477`](npm/cli@26d00c4)
  [#3364](npm/cli#3364)
  fix(tests): mock writeFile in pack tests so we dont create 0 byte files in the repo
  ([@nlf](/~https://github.com/nlf))
* [`f130a81d6`](npm/cli@f130a81)
  [#3367](npm/cli#3367)
  fix(linting): add scripts, docs, smoke-tests
  ([@wraithgar](/~https://github.com/wraithgar))
* [`992799cd8`](npm/cli@992799c)
  [#3383](npm/cli#3383)
  fix(login): properly save scope if defined
  ([@wraithgar](/~https://github.com/wraithgar))

* [`844229519`](npm/cli@8442295)
  [#3392](npm/cli#3392)
  docs(workspaces): update using npm section
  Added examples of using `npm init` to bootstrap a new workspace and a
  section on how to add/manage dependencies to workspaces.
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`3654890fb`](npm/cli@3654890)
  remove ignored dep
  ([@nlf](/~https://github.com/nlf))
* [`a4a0e68a9`](npm/cli@a4a0e68)
  [#3362](npm/cli#3362)
  check less stuff into node_modules
  ([@isaacs](/~https://github.com/isaacs))
* [`7d5b049b6`](npm/cli@7d5b049)
  [#3365](npm/cli#3365)
  chore(package) Use a "files" list
  ([@isaacs](/~https://github.com/isaacs))

* [`e92b5f2ba`](npm/cli@e92b5f2)
  `npm-registry-fetch@11.0.0`
    * feat: improved logging of cache status

* [`e864bd3ce`](npm/cli@e864bd3)
  [#3345](npm/cli#3345)
  fix(update-notifier): do not update notify when installing npm@spec
  ([@isaacs](/~https://github.com/isaacs))
* [`aafe23572`](npm/cli@aafe235)
  [#3348](npm/cli#3348)
  fix(update-notifier): parallelize check for updates
  ([@isaacs](/~https://github.com/isaacs))

* [`bc9c57dda`](npm/cli@bc9c57d)
  [#3353](npm/cli#3353)
  fix(docs): remove documentation for '--scripts-prepend-node-path' as it was removed in npm@7
  ([@gimli01](/~https://github.com/gimli01))
* [`ca2822110`](npm/cli@ca28221)
  [#3360](npm/cli#3360)
  fix(docs): link foreground-scripts w/ loglevel
  ([@wraithgar](/~https://github.com/wraithgar))
* [`fb630b5a9`](npm/cli@fb630b5)
  [#3342](npm/cli#3342)
  chore(docs): manage docs as a workspace
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`54de5c6a4`](npm/cli@54de5c6)
  `npm-package-arg@8.1.4`:
    * fix: trim whitespace from fetchSpec
    * fix: handle file: when root directory begins with a special character
* [`e92b5f2ba`](npm/cli@e92b5f2)
  `make-fetch-happen@9.0.1`
    * breaking: complete refactor of caching. drops warning headers,
      prevents cache indexes from growing for every request, correctly
      handles varied requests to the same url, and now caches redirects.
    * fix: support url-encoded proxy authorization
    * fix: do not lazy-load proxy agents or agentkeepalive. fixes the
      intermittent failures to update npm on slower connections.
  `npm-registry-fetch@11.0.0`
    * breaking: drop handling of deprecated warning headers
    * docs: fix header type for npm-command
    * docs: update registry param
    * feat: improved logging of cache status
* [`23c50a45f`](npm/cli@23c50a4)
  `make-fetch-happen@9.0.2`:
    * fix: work around negotiator's lazy loading

* [`c4ef78b08`](npm/cli@c4ef78b)
  [#3344](npm/cli#3344)
  fix(automation): update incorrect variable name in create-cli-deps-pr workflow
  ([@gimli01](/~https://github.com/gimli01))

* [`598a17a26`](npm/cli@598a17a)
  [#3329](npm/cli#3329)
  fix(libnpmexec): don't detach output from npm
  ([@wraithgar](/~https://github.com/wraithgar))

* [`c4fc03e9e`](npm/cli@c4fc03e)
  `@npmcli/arborist@2.6.1`
    * fixes reifying deps with mismatching version ranges between
      actual and virtual trees
* [`9159fa62a`](npm/cli@9159fa6)
  `libnpmexec@1.2.0`

* [`399ff8cbc`](npm/cli@399ff8c)
  [#3312](npm/cli#3312)
  feat(link): add workspace support
  ([@isaacs](/~https://github.com/isaacs))

* [`46a9bcbcb`](npm/cli@46a9bcb)
  [#3282](npm/cli#3282)
  fix(docs): proper postinstall script file name
  ([@KevinFCormier](/~https://github.com/KevinFCormier))
* [`83590d40f`](npm/cli@83590d4)
  [#3272](npm/cli#3272)
  fix(ls): show relative paths from root
  ([@isaacs](/~https://github.com/isaacs))
* [`a574b518a`](npm/cli@a574b51)
  [#3304](npm/cli#3304)
  fix(completion): restore IFS even if `npm completion` returns error
  ([@NariyasuHeseri](/~https://github.com/NariyasuHeseri))
* [`554e8a5cd`](npm/cli@554e8a5)
  [#3311](npm/cli#3311)
  set audit exit code properly
  ([@isaacs](/~https://github.com/isaacs))
* [`4a4fbe33c`](npm/cli@4a4fbe3)
  [#3268](npm/cli#3268)
  [#3285](npm/cli#3285)
  fix(publish): skip private workspaces
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`3c53d631f`](npm/cli@3c53d63)
  [#3307](npm/cli#3307)
  fix(docs): typo in package-lock.json docs
  ([@rethab](/~https://github.com/rethab))
* [`96367f93f`](npm/cli@96367f9)
  rebuild npm-pack doc
  ([@isaacs](/~https://github.com/isaacs))
* [`64b13dd10`](npm/cli@64b13dd)
  [#3313](npm/cli#3313)
  Drop stale Python 3<->node-gyp remark
  ([@spencerwilson](/~https://github.com/spencerwilson))

* [`7b56bfdf3`](npm/cli@7b56bfd)
  `cacache@15.2.0`:
  * feat: allow fully deleting indices
  * feat: add a validateEntry option to compact
  * chore: lint
  * chore: use standard npm style release scripts
* [`dbbc151a3`](npm/cli@dbbc151)
  `npm-audit-report@2.1.5`:
  * fix(exit-code): account for null auditLevel default (#46)
* [`5b2604507`](npm/cli@5b26045)
  chore(package-lock): update devDependencies
  ([@gar](/~https://github.com/Gar))

* [`3d5df0082`](npm/cli@3d5df00)
  [#3294](npm/cli#3294)
  chore(ci): move node release PR workflow to cli repo
  ([@gimli01](/~https://github.com/gimli01))

* [`0d1a9d787`](npm/cli@0d1a9d7)
  [#3227](npm/cli#3227)
  feat(install): add workspaces support to npm install commands
  ([@isaacs](/~https://github.com/isaacs))
* [`c18626f04`](npm/cli@c18626f)
  [#3250](npm/cli#3250)
  feat(ls): add workspaces support
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`41099d395`](npm/cli@41099d3)
  [#3265](npm/cli#3265)
  feat(explain): add workspaces support
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`fde354669`](npm/cli@fde3546)
  [#3251](npm/cli#3251)
  feat(unpublish): add workspace/dry-run support
  ([@wraithgar](/~https://github.com/wraithgar))
* [`83df3666c`](npm/cli@83df366)
  [#3260](npm/cli#3260)
  feat(outdated): add workspaces support
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`63a7635f7`](npm/cli@63a7635)
  [#3217](npm/cli#3217)
  feat(pack): add support to json config/output
  ([@mrmlnc](/~https://github.com/mrmlnc))

* [`faa12ccc2`](npm/cli@faa12cc)
  [#3253](npm/cli#3253)
  fix search description typos
  ([@juanpicado](/~https://github.com/juanpicado))
* [`2f5c28a68`](npm/cli@2f5c28a)
  [#3243](npm/cli#3243)
  fix(docs): autogenerate config docs for commands
  ([@isaacs](/~https://github.com/isaacs))

* [`ec256a14a`](npm/cli@ec256a1)
  `@npmcli/arborist@2.6.0`
* [`5f15aba86`](npm/cli@5f15aba)
  `cacache@15.1.0`
* [`b3add87e6`](npm/cli@b3add87)
  [#3262](npm/cli#3262)
  `npm-registry-client@10.1.2`:
    * fixed sso login token

* [`076420c14`](npm/cli@076420c)
  [#3231](npm/cli#3231)
  feat(publish): add workspace support
  ([@wraithgar](/~https://github.com/wraithgar))
* [`370b36a36`](npm/cli@370b36a)
  [#3241](npm/cli#3241)
  feat(fund): add workspaces support
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`0c18e4f77`](npm/cli@0c18e4f)
  `@npmcli/arborist@2.5.0`
* [`b551c6811`](npm/cli@b551c68)
  `libnpmfund@1.1.0`

* [`de49f58f5`](npm/cli@de49f58)
  [#3216](npm/cli#3216)
  fix(contributing): link to proper cli repo
  ([@mrmlnc](/~https://github.com/mrmlnc))
* [`1d092144e`](npm/cli@1d09214)
  [#3203](npm/cli#3203)
  fix(packages): locale-agnostic string sorting
  ([@isaacs](/~https://github.com/isaacs))
* [`0696fca13`](npm/cli@0696fca)
  [#3209](npm/cli#3209)
  fix(view): fix non-registry specs
  ([@wraithgar](/~https://github.com/wraithgar))
* [`71ac93597`](npm/cli@71ac935)
  [#3206](npm/cli#3206)
  chore(github): Convert md issue template to yaml
  ([@lukehefson](/~https://github.com/lukehefson))
* [`6fb386d3b`](npm/cli@6fb386d)
  [#3201](npm/cli#3201)
  fix(tests): increase test fuzziness
  ([@wraithgar](/~https://github.com/wraithgar))
* [`f3a662fcd`](npm/cli@f3a662f)
  [#3211](npm/cli#3211)
  fix(tests): use config defaults
  ([@wraithgar](/~https://github.com/wraithgar))

* [`285976fd1`](npm/cli@285976f)
  `@npmcli/arborist@2.4.4`
  * fix(reify): properly save spec if prerelease
* [`f9f24d17c`](npm/cli@f9f24d1)
  `libnpmexec@1.1.1`
  * fix(add): Specify 'en' locale to String.localeCompare
* [`cb9f17499`](npm/cli@cb9f174)
  `glob@7.1.7`
  * force 'en' locale in string sorting
* [`24b4e4a41`](npm/cli@24b4e4a)
  `ignore-walk@3.0.4`
  * Avoid locale-specific sorting issues
* [`1eb7e5c7d`](npm/cli@1eb7e5c)
  `@npmcli/arborist@2.4.3`
  * guard against locale-specific sorting
* [`a6a826067`](npm/cli@a6a8260)
  `npm-packlist@2.2.2`:
  * fix(sort): avoid locale-dependent sorting issues

* [`701627c51`](npm/cli@701627c)
  [#3098](npm/cli#3098)
  feat(cache): Allow `add` to accept multiple specs
  ([@mjsir911](/~https://github.com/mjsir911))
* [`59171f030`](npm/cli@59171f0)
  [#3187](npm/cli#3187)
  feat(config): add workspaces boolean to user-agent
  ([@nlf](/~https://github.com/nlf))

* [`2c9b8713c`](npm/cli@2c9b871)
  [#3182](npm/cli#3182)
  fix(docs): fix broken links
  ([@wangsai](/~https://github.com/wangsai))
* [`88cbc8c44`](npm/cli@88cbc8c)
  [#3198](npm/cli#3198)
  fix(tests): reflect new libnpmexec logic

* [`d01ce5e13`](npm/cli@d01ce5e)
  `libnpmexec@1.1.0`:
    * feat: add walk up dir lookup to satisfy local bins
* [`81c1dfaaa`](npm/cli@81c1dfa)
  `@npmcli/arborist@2.4.2`:
    * fix(add): save packages in the right place
    * fix(reify): do not clean up nodes with no parent
    * fix(audit): support alias specs & root package names
* [`87c2303ea`](npm/cli@87c2303)
  `@npmcli/git@2.0.9`:
    * fix(clone): Do not allow git replacement objects by default
* [`99ff40dff`](npm/cli@99ff40d)
  `npm-packlist@2.2.0`:
    * feat(npmignore): Do not force include history, changelogs, notice
    * fix(package.json): add missing bin/index.js to files

* [`c371f183e`](npm/cli@c371f18)
  [#3137](npm/cli#3137)
  [#3140](npm/cli#3140)
  fix(ls): do not warn on missing optional deps
  ([@isaacs](/~https://github.com/isaacs))
* [`861f606c7`](npm/cli@861f606)
  [#3156](npm/cli#3156)
  fix(build): make prune rule work on case-sensitive file systems
  ([@lpinca](/~https://github.com/lpinca))

* [`fb79d89a0`](npm/cli@fb79d89)
  `tap@15.0.6`
* [`ce3820043`](npm/cli@ce38200)
  `@npmcli/arborist@2.4.1`
    * fix: prevent and eliminate unnecessary duplicates
    * fix: support resolvable partial intersecting peerSets

* [`e479f1dac`](npm/cli@e479f1d)
  [#3146](npm/cli#3146)
  mention `directories.bin` in `bin`
  ([@felipecrs](/~https://github.com/felipecrs))

* [`7925cca24`](npm/cli@7925cca)
  `pacote@11.3.3`:
  * fix(registry): normalize manfest
* [`b61eac693`](npm/cli@b61eac6)
  [#3130](npm/cli#3130)
  `@npmcli/config@2.2.0`
* [`c74e67fc6`](npm/cli@c74e67f)
  [#3130](npm/cli#3130)
  `npm-registry-fetch@10.1.1`

* [`efdd7dd44`](npm/cli@efdd7dd)
  Remove unused and incorrectly documented `--always-auth` config definition
  ([@isaacs](/~https://github.com/isaacs))

* [`4c1f16d2c`](npm/cli@4c1f16d)
  [#3095](npm/cli#3095)
  feat(init): add workspaces support
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`42ca59eee`](npm/cli@42ca59e)
  [#3086](npm/cli#3086)
  fix(ls): do not exit with error when all problems are extraneous deps
  ([@nlf](/~https://github.com/nlf))
* [`2aecec591`](npm/cli@2aecec5)
  [#2724](npm/cli#2724)
  [#3119](npm/cli#3119)
  fix(ls): make --long work when missing deps
  ([@ruyadorno](/~https://github.com/ruyadorno))
* [`42e0587a9`](npm/cli@42e0587)
  [#3115](npm/cli#3115)
  fix(pack): refuse to pack invalid packument
  ([@wraithgar](/~https://github.com/wraithgar))
* [`1c4eff7b5`](npm/cli@1c4eff7)
  [#3126](npm/cli#3126)
  fix(logout): use isBasicAuth attribute
  ([@wraithgar](/~https://github.com/wraithgar))

* [`c93f1c39e`](npm/cli@c93f1c3)
  [#3101](npm/cli#3101)
  chore(docs): update view docs
  ([@wraithgar](/~https://github.com/wraithgar))
* [`c4ff4bc11`](npm/cli@c4ff4bc)
  [npm/statusboard#313](npm/statusboard#313)
  [#3109](npm/cli#3109)
  fix(usage): fix refs to ws shorthand
  ([@ruyadorno](/~https://github.com/ruyadorno))

* [`83166ebcc`](npm/cli@83166eb)
  `npm-registry-fetch@10.1.0`
    * feat(auth): set isBasicAuth
* [`e02bda6da`](npm/cli@e02bda6)
  `npm-registry-fetch@10.0.0`
    * feat(auth) load/send based on URI, not registry
* [`a0382deba`](npm/cli@a0382de)
  `@npmcli/run-script@1.8.5`
    * fix: windows ComSpec env variable name
* [`7f82ef5a8`](npm/cli@7f82ef5)
  `pacote@11.3.2`
* [`35e49b94f`](npm/cli@35e49b9)
  `@npmcli/arborist@2.4.0`
* [`95faf8ce6`](npm/cli@95faf8c)
  `libnpmaccess@4.0.2`
* [`17fffc0e4`](npm/cli@17fffc0)
  `libnpmhook@6.0.2`
* [`1b5a213aa`](npm/cli@1b5a213)
  `libnpmorg@2.0.2`
* [`9f83e6484`](npm/cli@9f83e64)
  `libnpmpublish@4.0.1`
* [`251f788c5`](npm/cli@251f788)
  `libnpmsearch@3.1.1`
* [`35873a989`](npm/cli@35873a9)
  `libnpmteam@2.0.3`
* [`23e12b4d8`](npm/cli@23e12b4)
  `npm-profile@5.0.3`
@kierenj
Copy link

kierenj commented Aug 9, 2022

Just checking in to see if/where this might lie in terms of a roadmap. We'll probably add something too all our repositories.. unless this is about to land in the next few weeks/months!

@jurre
Copy link
Member

jurre commented Aug 9, 2022

It's something that we hope to investigate in next couple of weeks, but I can't make any firm commitments on when it would land. We're very interested in supporting something like this though!

@emtunc
Copy link

emtunc commented Oct 6, 2022

This would be super handy. Just came across a use-case for enabling private registry access across all our repos. Although I could quickly write some python to insert these files into repos, native support for a global dependabot config would be helpful!

@AraHaan
Copy link

AraHaan commented Oct 6, 2022

I think it would be cool if there was an UI that shows up in our organization that will do this:

  • deletes the .github/dependabot.yml file in all of our repositories (but merge their contents together into a single version in our .github repository.
  • deletes all of the repository specific copies of our github actions workflows that are the same throughout all repositories and move them to the same .github repository (consolidations) excluding repositories which changes them even slightly. (In those repositories the changed file would override the version of it in the .github repository, but also act as if the other files in the .github repository were in the same repository.)
  • Moves issue/pr templates/forms to the .github repository as well (when they are all the same as well) excluding repositories which changes them even slightly. (In those repositories the changed file would override the version of it in the .github repository, but also act as if the other files in the .github repository were in the same repository.)

Those are the blockers I face on me using a global .github repository for one of my organizations that has a ton of repos and allows me to consolidate them and also easily modify them (to where those changes can apply to all repositories in a single go).

@leifwalsh
Copy link

I'd be interested in this same feature, but with enterprise-wide configuration instead of organization-wide!

@yrsurya
Copy link

yrsurya commented Jun 15, 2023

Do we have an ETA on this when can we expect it? super interested in this feature

@EdouardBavoux
Copy link

This would definitely be interesting for us too, it's a pain to align and maintain dependabot config in every repo.

@jmullo
Copy link

jmullo commented Apr 26, 2024

This is really needed.

@jonjanego jonjanego added the Keep Exempt this from being marked by stalebot label May 2, 2024
@ldemailly
Copy link

👋

@JonathanAtCenterEdge
Copy link

Would be incredibly helpful in our organization that's migrating off of renovate

@AraHaan
Copy link

AraHaan commented Jul 24, 2024

agreed having a org global dependabot.yml that configures all the possible configurations in case a repository in the org needs it is FAR better than repo local ones as that is then less files that are not directly used for the codebase keeping all the clutter low to none.

@yrsurya
Copy link

yrsurya commented Dec 12, 2024

not seeing this feature listed yet in their public roadmap yet - /~https://github.com/orgs/github/projects/4247

It would be great this can be available in 2025

@antpili
Copy link

antpili commented Jan 17, 2025

+1 not sure how this isn't a feature since global rules can be configured

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
F: configuration-file F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. Keep Exempt this from being marked by stalebot T: feature-request Requests for new features
Projects
None yet
Development

No branches or pull requests