Change versioning-strategy to increase

byrichardpowell · byrichardpowell · commit b2e62659e5f6 · 2025-09-05T10:28:02.000-04:00
I misunderstood how increase-if-necessary works.  How it works:

1. Will only update the package.json if the range doesnt match
2. If the range matches, it will update the package-lock.yml file

I chose increase-if-necessary because I thought it would reduce PR's. It doesn't.  We get the same number of PR's, just some of them don't touc hthe package.json file.

On top of that, increase-if-necessary seems problematic since it may change the package-lock.yml file, but not the actual package.json file. This means our local version of a package could drift from the released version of a package, even with the same version number.  That seems like it would be hard to debug.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -13,9 +13,6 @@ updates:
       interval: 'weekly'
     # Dependabot defaults to 5 open pull requests at a time
     open-pull-requests-limit: 100
-    # ignore versions already covered by a range
-    # e.g: ^1.2.3 -> 1.2.4, would be ignored
-    versioning-strategy: increase-if-necessary
 
     # Cooldown is the number of days after a release to wait until opening a PR
     # This gives us more confidence changes can be merged because changes have been community tested.
