GitHub Dependabot is an automated dependency management tool provided by GitHub. It monitors a project’s dependencies, detects outdated versions and opens pull requests describing the available updates.

Dependabot helps ensure projects use up-to-date dependencies. Note that the version updates covered here are separate from Dependabot security updates, which react to vulnerability alerts and are enabled in the repository’s security settings.

Since March 2023, Dependabot has officially supported Gradle Version Catalogs (`gradle/libs.versions.toml`).

How to configure it

To enable version updates, we need to create a `dependabot.yml` file in the `.github` directory at the repository root (`.github/dependabot.yml`).

This config file tells Dependabot which package ecosystems we use (here, `gradle`), where the build files live, and how often it should check for updates.

Check the documentation for all settings.
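A `dependabot.yml` for a Gradle project that uses a version catalog, added here as a worked example rather than taken from the post. The schedule values, the `dependencies` label, the commit prefix and the Kotlin ignore rule are assumptions to adapt; the keys themselves are the documented Dependabot settings.

```yaml
# .github/dependabot.yml (example, not the post's own file)
version: 2
updates:
  - package-ecosystem: "gradle"   # scans build.gradle(.kts), settings and gradle/libs.versions.toml
    directory: "/"                # repository root; use a sub-path for a nested Gradle project
    schedule:
      interval: "weekly"
      day: "monday"               # assumption: pick the day/time that suits your review cadence
      time: "06:00"
      timezone: "Europe/Paris"    # assumption
    open-pull-requests-limit: 5   # the default: at most 5 version-update PRs open at once
    # Declarative ignore rule: skip major bumps for the whole Kotlin toolchain.
    # This is the same kind of rule a "@dependabot ignore this major version" comment
    # creates for a single dependency, but kept in source control where it can be reviewed.
    ignore:
      - dependency-name: "org.jetbrains.kotlin:*"   # assumption: group:artifact wildcard
        update-types: ["version-update:semver-major"]
    # Review metadata applied to every Dependabot PR (assumed label and prefix)
    labels:
      - "dependencies"
    commit-message:
      prefix: "deps"
```

With `package-ecosystem: "gradle"` and `directory: "/"`, Dependabot reads the catalog from `gradle/libs.versions.toml` and bumps the `[versions]` entries there; the `ignore` block keeps risky major upgrades out of the automatic flow while still allowing minor and patch bumps, which is usually the right trade-off when the PRs are auto-merged after CI.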

What a pull request looks like

Once Dependabot detects a new version of a dependency, it opens a pull request that looks like this:

Coroutines pull request from Dependabot

The pull request description contains the release notes, changelog and commit list of the new version to help us spot breaking changes. This material is pulled from the upstream project, so treat it as a starting point for review, not as a substitute for running our own build and tests on the PR.

Dependabot groups all dependencies that share the same version entry in our Version Catalog (for example, all coroutines artifacts pointing at one `version.ref`) into a single pull request.

By default, Dependabot keeps at most 5 version-update pull requests open at a time (a cap on open PRs, not a weekly quota); the limit can be changed with the `open-pull-requests-limit` setting.

Dependabot action comments

To manage Dependabot’s pull requests easily, we can leave a comment on a pull request asking Dependabot to run an action:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after CI passes on it
  • @dependabot squash and merge will squash and merge this PR after CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block auto-merging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot from recreating it (closing it manually has the same effect)
  • @dependabot ignore this major version will close this PR and stop Dependabot from creating any more for this major version (unless we reopen the PR or upgrade to it ourselves)
  • @dependabot ignore this minor version will close this PR and stop Dependabot from creating any more for this minor version (unless we reopen the PR or upgrade to it ourselves)
  • @dependabot ignore this dependency will close this PR and stop Dependabot from creating any more for this dependency (unless we reopen the PR or upgrade to it ourselves)
