From d77783ca009d9b70372881a71e53089eef0b1ee9 Mon Sep 17 00:00:00 2001
From: DMRobertson <DMRobertson@users.noreply.github.com>
Date: Tue, 30 May 2023 12:55:46 +0000
Subject: deploy: 42786d8a477b6d44075b0e56949820331d9962d8

---
 develop/development/dependencies.html | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'develop/development')

diff --git a/develop/development/dependencies.html b/develop/development/dependencies.html
index 8435095574..d64f15fc41 100644
--- a/develop/development/dependencies.html
+++ b/develop/development/dependencies.html
@@ -334,15 +334,16 @@ poetry lock --no-update
 doesn't require poetry. (It's what we use in CI too). However, you could try
 <code>poetry build</code> too.</p>
 <h2 id="handle-a-dependabot-pull-request"><a class="header" href="#handle-a-dependabot-pull-request">...handle a Dependabot pull request?</a></h2>
-<p>Synapse uses Dependabot to keep the <code>poetry.lock</code> file up-to-date. When it
-creates a pull request a GitHub Action will run to automatically create a changelog
-file. Ensure that:</p>
+<p>Synapse uses Dependabot to keep the <code>poetry.lock</code> and <code>Cargo.lock</code> file 
+up-to-date with the latest releases of our dependencies. The changelog check is
+omitted for Dependabot PRs; the release script will include them in the 
+changelog.</p>
+<p>When reviewing a dependabot PR, ensure that:</p>
 <ul>
 <li>the lockfile changes look reasonable;</li>
 <li>the upstream changelog file (linked in the description) doesn't include any
 breaking changes;</li>
-<li>continuous integration passes (due to permissions, the GitHub Actions run on
-the changelog commit will fail, look at the initial commit of the pull request);</li>
+<li>continuous integration passes.</li>
 </ul>
 <p>In particular, any updates to the type hints (usually packages which start with <code>types-</code>)
 should be safe to merge if linting passes.</p>
-- 
cgit 1.5.1