Skip to content

What is dependabot-gitlab?

It is an app for automatically managing dependency updates.

dependabot-gitlab uses dependabot-core for dependency update logic and adds additional functionality to integrate these updates with GitLab.

WARNING

dependabot-gitlab project is not affiliated with, funded by, or developed by the Dependabot team, GitHub or GitLab

WARNING

dependabot-gitlab is still considered in alpha status. It is already suitable for out-of-the-box dependency updates, but bugs and breaking changes are still expected between releases

Distribution

INFO

When running application in service mode, internally application will start updater containers dynamically and cache images. Because of that, using rolling latest or nightly tags is not recommended to avoid main application image becoming out of sync with updater images. It is recommended to always use specific version tag instead.

Application is packaged and release as a docker image. Images are released using immutable tags that follow the semver versioning scheme. Additionally latest tag is available for the latest stable release and nightly tag for the latest development build.

Application consists of 2 image types:

  • Core
  • Updater

Core

WARNING

Not applicable for standalone mode

Core image contains code for running web and worker containers. This image does not contain any package managers or language runtimes.

Images are available from the following registries:

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab:3.35.0-alpha.1

Updater

Updater image contains all package managers and language runtimes supported by dependabot-core. This image is used to run updater containers. These images are also used when running application in standalone mode.

Images are available from the following registries.

bundler

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-bundler:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-bundler:3.35.0-alpha.1

npm

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-npm:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-npm:3.35.0-alpha.1

gomod

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-gomod:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-gomod:3.35.0-alpha.1

pip

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-pip:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-pip:3.35.0-alpha.1

docker

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-docker:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-docker:3.35.0-alpha.1

composer

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-composer:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-composer:3.35.0-alpha.1

pub

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-pub:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-pub:3.35.0-alpha.1

cargo

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-cargo:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-cargo:3.35.0-alpha.1

nuget

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-nuget:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-nuget:3.35.0-alpha.1

maven

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-maven:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-maven:3.35.0-alpha.1

gradle

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-gradle:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-gradle:3.35.0-alpha.1

mix

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-mix:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-mix:3.35.0-alpha.1

terraform

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-terraform:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-terraform:3.35.0-alpha.1

elm

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-elm:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-elm:3.35.0-alpha.1

gitsubmodule

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-gitsubmodule:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-gitsubmodule:3.35.0-alpha.1

swift

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-swift:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-swift:3.35.0-alpha.1

devcontainers

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-devcontainers:3.35.0-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-devcontainers:3.35.0-alpha.1