24

Like the title says, on GitHub is it possible to manually select a branch against which Dependabot should open its Pull Requests?

From what I can see, it opens PR against whichever branch is set to be the main one in the repo settings, but it is possible to select another one?

Sekhemty
  • 1,222
  • 2
  • 13
  • 33

1 Answers1

21

According to the documentation, this is possible with the option target-branch. For example, if you want to have the updates from the branch develop, you can write the following configuration for the python pip environment:

version: 2
updates:
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      interval: "daily"
    # Raise pull requests for version updates
    # to pip against the `develop` branch
    target-branch: "develop"
    # Labels on pull requests for version updates only
    labels:
      - "pip dependencies"
flaxel
  • 4,173
  • 4
  • 17
  • 30
  • Than you, I overlooked this. The docs also report this `When you use this option, the settings for this package manager will no longer affect any pull requests raised for security updates.`, what exactly does it means? – Sekhemty Apr 13 '21 at 21:41
  • It just means that you can't set the target branch for security updates, if I understand it correctly. I.e. the settings for the package manager then have no influence on the security updates. – flaxel Apr 14 '21 at 06:17
  • It seems crazy to not have security update then. I'd like to get all update suggestions for `master` and, for example, the `v3` release branch. Would I just put in two blocks like this and it would all work? – cjbarth Jul 01 '22 at 20:37
  • I think you can just add the configurations for the two branches and then the security updates will be created as well. And for the default branch the security updates are always created. – flaxel Jul 01 '22 at 20:59