Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for dependabot #46

Closed
sergey-bulavskiy opened this issue Aug 29, 2022 · 1 comment
Closed

Add support for dependabot #46

sergey-bulavskiy opened this issue Aug 29, 2022 · 1 comment
Assignees
@sergey-bulavskiy

Comments

@sergey-bulavskiy
Copy link
Collaborator

Dependabot can automatically create PRs on new version updates, we can investigate this tool and use it for newest dependencies versions.
https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates
@sergey-bulavskiy
Copy link
Collaborator Author

Due to various problems with dependabot currently, i.e. spam by pullrequests (dependabot/dependabot-core#1408), we decided to only leave notifications about vulnerabilities, automatic update of dependencies does not fit us in it's current state.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sergey-bulavskiy sergey-bulavskiy

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sergey-bulavskiy