Skip to content
This repository has been archived by the owner on Mar 5, 2018. It is now read-only.
/ bump Public archive

Automated dependency management for Ruby, Python and Javascript

License

Notifications You must be signed in to change notification settings

gocardless/bump

Repository files navigation

Bump (deprecated)

Bump was an application, created by GoCardless in 2015, which helped keep project dependencies up to date.

Since 2017, Dependabot has fulfilled the same needs, whilst offering a wider range of features and tools to teams and individuals.

Since GoCardless no longer use Bump internally, this repository is no longer actively maintained. If you are interested in taking ownership of this project, please get in touch: [email protected].


Bump:

  • Checks for updates to each of your dependencies.
  • Builds an updated dependency file for each update required.
  • Opens a separate Pull Request for each update, linking to a changelog.

All that's left for you to do is review the change.

Note: to run Bump on Node projects, they need to be using Yarn.

Hosting Bump

You can launch your own instance of Bump via Heroku.

Deploy

Once you've deployed, you'll want to click through to Heroku Scheduler in the list of addons and set up a scheduled task to bump your dependencies each day. You can use the ./bin/bump_dependencies_for_repo script to do this:

bundle exec bin/bump_dependencies_for_repo gocardless/bump bundler

Using Bump from your local machine

You can run Bump locally to kick-off a one-off update of your project's dependencies. Bump will ask you for the project's repository and the package manager for the dependencies you'd like to update.

  1. Pull down bump and install its dependencies:
git clone [email protected]:gocardless/bump.git  # Pull down Bump
cd bump && bundle install                     # Install Bump's dependencies
cp config/dummy_env .env                      # Set up your environment

# You'll also need to update the `BUMP_GITHUB_TOKEN` in .env to be a valid
# token with access to your project and all of its private dependencies.
  1. Start a worker for each queue. We use foreman to automate the process:
bundle exec foreman start
  1. In a new window, push a message to DependencyFileFetcher (the first of Bump's services):
bundle exec bin/bump_dependencies_for_repo

The code / contributing

The core logic behind Bump lives in bump-core.


GoCardless ♥ open source. If you do too, come join us.

About

Automated dependency management for Ruby, Python and Javascript

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages