I’m currently looking at whether dependabot is a suitable tool to raise PRs bumping dependants’ version number whenever and internal gradle package is bumped. We have a bit of a unique use case; we configure our local machines’ gradle to use an internally hosted (Only accessible once on the VPN) maven repository, and in the gradle build file we only have
mavenCentral(). This means only machines running within the vpn can actually resolve the repo, and get the dependencies.
I can’t see a way to do this with dependabot at the moment. Is there something I’m missing, or am I better off looking for another tool?