The recommended approach to automating updates to Altis is to use GitHub's Dependabot feature. This feature is provided for free by GitHub.
The service monitors the dependencies in your project and creates automatic pull requests whenever there are updates. This will help you to keep your projects healthy and always running the latest patch release of all Altis modules.
Setting Up Dependabot
To get started create a
dependabot.yml file in your project root.
The minimum recommended configuration for Altis is as follows:
version: 2 updates: # Enable version updates for Composer - package-ecosystem: "composer" # Look for `composer.json` and `composer.lock` files in the `root` directory directory: "/" # Create pull requests for updates (if any) once a day: schedule: interval: "daily" # Increase the version requirements for Composer # only when required versioning-strategy: lockfile-only
Finally commit this file to your repo, and you're done.
There are many more configuration options available and you can add additional update rules for different package ecosystems like npm to this file as well.