Skip to content

What is dependabot-gitlab?

It is an app for automatically managing dependency updates.

dependabot-gitlab uses dependabot-core for dependency update logic and adds additional functionality to integrate these updates with GitLab.

WARNING

dependabot-gitlab project is not affiliated with, funded by, or developed by the Dependabot team, GitHub or GitLab

WARNING

dependabot-gitlab is still considered in alpha status. It is already suitable for out-of-the-box dependency updates, but bugs and breaking changes are still expected between releases

Distribution

INFO

When running application in service mode, internally application will start updater containers dynamically and cache images. Because of that, using latest tag is not recommended to avoid main application image becoming out of sync with updater images. It is recommended to always use specific version tag instead.

Application is packaged and release as a docker image. Application consists of 2 image types.

Core

WARNING

Not applicable for standalone mode

Core image contains code for running web and worker containers. This image does not contain any package managers or language runtimes.

Images are available from the following registries:

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab:3.14.3-alpha.1

Updater

Updater image contains all package managers and language runtimes supported by dependabot-core. This image is used to run updater containers. These images are also used when running application in standalone mode.

Images are available from the following registries.

bundler

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-bundler:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-bundler:3.14.3-alpha.1

npm

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-npm:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-npm:3.14.3-alpha.1

gomod

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-gomod:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-gomod:3.14.3-alpha.1

pip

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-pip:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-pip:3.14.3-alpha.1

docker

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-docker:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-docker:3.14.3-alpha.1

composer

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-composer:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-composer:3.14.3-alpha.1

pub

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-pub:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-pub:3.14.3-alpha.1

cargo

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-cargo:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-cargo:3.14.3-alpha.1

nuget

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-nuget:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-nuget:3.14.3-alpha.1

maven

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-maven:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-maven:3.14.3-alpha.1

gradle

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-gradle:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-gradle:3.14.3-alpha.1

mix

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-mix:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-mix:3.14.3-alpha.1

terraform

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-terraform:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-terraform:3.14.3-alpha.1

elm

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-elm:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-elm:3.14.3-alpha.1

gitsubmodule

  • Dockerhub - docker.io/andrcuns/dependabot-gitlab-gitsubmodule:3.14.3-alpha.1
  • GHCR - ghcr.io/dependabot-gitlab/dependabot-gitlab-gitsubmodule:3.14.3-alpha.1