Skip to content

Disable security scan push event for dependabot#2404

Merged
carolynvs merged 2 commits intogetporter:mainfrom
carolynvs:sec-scan-dependabot
Oct 10, 2022
Merged

Disable security scan push event for dependabot#2404
carolynvs merged 2 commits intogetporter:mainfrom
carolynvs:sec-scan-dependabot

Conversation

@carolynvs
Copy link
Member

@carolynvs carolynvs commented Oct 10, 2022

Dependabot submits PRs from a branch in our own repo, not from a fork. So their pull requests trigger two security scan builds: one as push and another as pull_request_target. The push one always fails and is redundant.

This disables the security scan push event, just for dependabot branches so that we only scan dependabot PRs once.

@carolynvs
Disable security scan push event for dependabot
2a0cffe 
Dependabot submits PRs from a branch in our own repo, not from a fork. So their pull requests trigger two security scan builds: one as push and another as pull_request_target. The push one always fails and is redundant.

This disables the security scan push event, just for dependabot branches so that we only scan dependabot PRs once.

Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
@carolynvs
Merge branch 'main' into sec-scan-dependabot
2546454
@carolynvs carolynvs marked this pull request as ready for review October 10, 2022 19:49
@carolynvs carolynvs merged commit 3d27ad5 into getporter:main Oct 10, 2022
@carolynvs carolynvs deleted the sec-scan-dependabot branch October 10, 2022 20:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@VinozzZ VinozzZ Awaiting requested review from VinozzZ

@vdice vdice Awaiting requested review from vdice

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@carolynvs