Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new, disabled dependabot ignore directives #127

Merged
merged 1 commit into from
Dec 19, 2023
Merged

Add new, disabled dependabot ignore directives #127

merged 1 commit into from
Dec 19, 2023

Conversation

mcdonnnj
Copy link
Member

πŸ—£ Description

This pull request adds disabled dependabot ignore directives for the Actions used in the CodeQL workflow.

πŸ’­ Motivation and context

We only want dependabot PRs for these dependencies created in this repository and then inherited by downstream repositories.

πŸ§ͺ Testing

Automated tests pass.

βœ… Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

@mcdonnnj mcdonnnj added improvement This issue or pull request will add or improve functionality, maintainability, or ease of use dependencies Pull requests that update a dependency file labels Dec 18, 2023
@mcdonnnj mcdonnnj self-assigned this Dec 18, 2023
@jsf9k jsf9k added the kraken πŸ™ This pull request is ready to merge during the next Lineage Kraken release label Dec 18, 2023
@mcdonnnj mcdonnnj added this pull request to the merge queue Dec 19, 2023
@mcdonnnj mcdonnnj removed this pull request from the merge queue due to a manual request Dec 19, 2023
@mcdonnnj mcdonnnj force-pushed the improvement/update_dependabot_ignore_directives branch from f80b3ec to f352b8f Compare December 19, 2023 21:33
@mcdonnnj mcdonnnj added this pull request to the merge queue Dec 19, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to invalid changes in the merge commit Dec 19, 2023
@mcdonnnj mcdonnnj added this pull request to the merge queue Dec 19, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to invalid changes in the merge commit Dec 19, 2023
@mcdonnnj
Add new, disabled dependabot ignore directives
63ce462 
Add the Actions that are used in the CodeQL workflow as commented out
dependencies to ignore in the dependabot configuration. These will be
un-commented in downstream repositories so that only
cisagov/skeleton-python-library will have dependabot PRs created for
these dependencies.
@mcdonnnj mcdonnnj force-pushed the improvement/update_dependabot_ignore_directives branch from f352b8f to 63ce462 Compare December 19, 2023 22:44
@mcdonnnj mcdonnnj added this pull request to the merge queue Dec 19, 2023
Merged via the queue into develop with commit 31075ef Dec 19, 2023
63 checks passed
@mcdonnnj mcdonnnj deleted the improvement/update_dependabot_ignore_directives branch December 19, 2023 22:52
@mcdonnnj mcdonnnj mentioned this pull request Dec 22, 2023
Open
6 tasks
@mcdonnnj mcdonnnj mentioned this pull request Mar 27, 2024
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsf9k jsf9k jsf9k approved these changes

@dav3r dav3r dav3r approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jasonodoom jasonodoom Awaiting requested review from jasonodoom jasonodoom is a code owner

Assignees

@mcdonnnj mcdonnnj

Labels
dependencies Pull requests that update a dependency file improvement This issue or pull request will add or improve functionality, maintainability, or ease of use kraken πŸ™ This pull request is ready to merge during the next Lineage Kraken release
Projects
Next Kraken
Status: Done
Skeleton Maintenance
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mcdonnnj @jsf9k @dav3r