Commit 1e9ac8d
Changed files (1)
README.md
@@ -45,13 +45,46 @@ date: 2021-11-17
=----------------------------------==----------------------------------=
```
+ Based on a true story.
+
+# $ whoami
+
+```plaintext
+ mo khan @xlgmokha
+ Senior Software Engineer
+ Dependabot
+
+ LfCCtt11fffLttftfttt11ttL08888888888
+ tfLCCLLLCLft1tttttttfG8@@@88@@@@@@@8
+ CCCCCCCLtiiiii11111itLG8@8@88888008@
+ CCCCCGf;;;iiiii11tt11i1tLGfttt111ii1
+ CCCCGf;ii;;;;;i1fft1;:,:ift1111iff11
+ CCCGL::;,,,,,,::;1fi:,:;:;Lftt11ffff
+ CCCGi,:,::,:,.,,:itf1:;;:1CL11111tt1
+ CCCGi,::,.:1;,,;iitfCLt11fG0Lffff1tt
+ CCCCf:::;::::;iii1tffLCLftfLGLt1iii1
+ LLLC1::it1t1tt1;i;,,;i,:1i;i1L1,...:
+ LLLLf::;11t11i;;:.,,::;tft;:;tt. .
+ ffffL1::;;;;::;;;;;;;;i1tti;;1fi;ii1
+ tttttt;:::::,,,,::::;;i1tfffi1fC8088
+ 1111tit1::::::::,:::;;::;ttftttiCGG0
+ iiii;;i;i;:,::::::::::;i1tttft1if0G0
+ ti;::;;;i11;,,,::::;;;;;;iiii11;f0G0
+ ffft1fCCCG0Cfi:::::,,::;;;;:;;:;CGG0
+ ;fGGG0000GGCGLi;:::::;;;;::::,:CGCG0
+```
+
# Agenda
1. What is Dependabot?
-1. Map of Dependabot
-1. Dependabot Internals
-1. Debugging Dependabot
-1. Tracepoint + Signals ?
+1. Dependabot on dotcom
+1. Dependabot on GHES
+1. Community
+1. Help Wanted
+
+
+ I talk fast. Try to keep up. 😅
+
# What is Dependabot?
@@ -121,10 +154,12 @@ updates:
|--------------------------
```
-# Behind the Curtain
+# Dependabot - Runtime (dotcom)
```plaintext
- ______
+ |
+ V
+ __|___
|-<-() SQS )
V ------
|
@@ -158,7 +193,52 @@ updates:
--------------------------------------------------
```
-# A little deeper down the rabbit hole
+# Map of Dependabot (GHES)
+
+```plaintext
+ --------------
+ ||-------------|
+ || $ git push |-o-o-o-o-
+ || | o
+ --------------- |
+ \ 000000000000 \ o
+ \ 000000000000 \ |
+ \ \ \ \ o
+ ---------------- |
+ o-o-o-o-o-o-o-o-o-
+ |
+ o
+ ------|----------------------------
+ | v GitHub DC |
+ | ---------- ---------- |
+ | | dotcom | | Actions | |
+ | ---------- -----A----- |
+ | | -----|----- |
+ | |- webhooks, --> | 🤖-api | |
+ | hyro ----------- |
+ -----------------------------------
+```
+
+# Dependabot - Runtime (GHES)
+
+```plaintext
+ -----------------------
+ | dependabot/action |
+ | |
+ | ----------------- |
+ | | docker | |
+ | | | | --------------
+ | | -------------- | | |->|... |
+ | | | 🤖-updater | | | | --------------
+ | | ----------|--- | | |->|pypi.org |
+ | | ----------V--- | | | --------------
+ | | | 🤖-proxy --|-------->|rubygems.org|
+ | | -------------- | | | --------------
+ | -----------------| | |->|npmjs.org |
+ |--------------------- --------------
+```
+
+# Dependabot - Community
```plaintext
-------------------------- ------------------------
@@ -178,6 +258,9 @@ updates:
-------------------------- ------------------------
```
+**dependabot/dependabot-core** is a public repo that accepts community
+contributions.
+
* 50+ Open Pull Requests
* 700+ Open Issues
* 140+ Contributors
@@ -191,3 +274,66 @@ updates:
* Oldest Open PR (2018)
https://github.com/dependabot/dependabot-core
+
+# Dependabot - Community Contributions
+
+```bash
+モ gh repo clone dependabot/dependabot-core
+モ cd dependabot-core
+モ ./bin/docker-dev-shell
+ > image dependabot/dependabot-core-development already exists
+
+=> running docker development shell
+[dependabot-core-dev] $
+```
+
+# Dependabot - Community Contributions
+
+```bash
+モ gh repo clone dependabot/dependabot-core
+モ cd dependabot-core
+モ ./bin/docker-dev-shell
+ > image dependabot/dependabot-core-development already exists
+
+=> running docker development shell
+[dependabot-core-dev] $ ./bin/dry-run.rb go_modules cli/cli
+```
+
+# Dependabot - Community Contributions
+
+```bash
+モ gh repo clone dependabot/dependabot-core
+モ cd dependabot-core
+モ ./bin/docker-dev-shell
+ > image dependabot/dependabot-core-development already exists
+
+=> running docker development shell
+[dependabot-core-dev] $ ./bin/dry-run.rb go_modules cli/cli
+=> cloning into /home/dependabot/dependabot-core/tmp/cli/cli
+=> parsing dependency files
+=> updating 34 dependencies: github.com/AlecAivazis/survey/v2, github.com/MakeNowJust/heredoc, github.com/briandowns/spinner, github.com/charmbracelet/glamour, github.com/cli/browser, github.com/cli/oauth, github.com/cli/safeexec, github.com/cpuguy83/go-md2man/v2, github.com/creack/pty, github.com/gabriel-vasile/mimetype, github.com/google/go-cmp, github.com/google/shlex, github.com/gorilla/websocket, github.com/hashicorp/go-version, github.com/henvic/httpretty, github.com/itchyny/gojq, github.com/kballard/go-shellquote, github.com/mattn/go-colorable, github.com/mattn/go-isatty, github.com/mgutz/ansi, github.com/muesli/reflow, github.com/muesli/termenv, github.com/muhammadmuzzammil1998/jsonc, github.com/opentracing/opentracing-go, github.com/shurcooL/githubv4, github.com/skratchdot/open-golang, github.com/sourcegraph/jsonrpc2, github.com/spf13/cobra, github.com/spf13/pflag, github.com/stretchr/testify, golang.org/x/sync, golang.org/x/sys, golang.org/x/term, gopkg.in/yaml.v3
+
+=== github.com/AlecAivazis/survey/v2 (2.3.2)
+ => checking for updates 1/34
+ => latest available version is 2.3.2
+ => latest allowed version is 2.3.2
+ (no update needed as it's already up-to-date)
+
+=== github.com/MakeNowJust/heredoc (1.0.0)
+ => checking for updates 2/34
+ => latest available version is 1.0.0
+ => latest allowed version is 1.0.0
+ (no update needed as it's already up-to-date)
+```
+
+# Dependabot - Debugging Private Registries
+
+Debugging issues related to private registries is difficult.
+
+We're working on it. [github/dependabot-updates/pull/1956](https://github.com/github/dependabot-updates/pull/1956)
+
+# Dependabot - Gimme some mo'
+
+* [Rewatch: Life of Dependabot Job](https://github.rewatch.com/video/nnat4r6492aj3bvf-life-of-a-dependabot-job)
+* [0001-firecracker ADR](https://github.com/github/dependabot-updates/blob/main/docs/adrs/0001-firecracker.md)
+* [Kickoff Doc: Dependabot Runtime on GHES](https://github.com/github/dependabot-updates/blob/main/docs/kickoff/2021-06-24-ghes-runtime.md)