Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Dependabot check Github Actions daily #1243

Merged
merged 1 commit into from
Apr 29, 2022
Merged

chore: Dependabot check Github Actions daily #1243

merged 1 commit into from
Apr 29, 2022

Conversation

neilnaveen
Copy link
Contributor

This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: neilnaveen 42328488+neilnaveen@users.noreply.github.com

Magerun pull-request check-list:

  • Pull request against develop branch (if not, just close and create a new one against it)
  • README.md reflects changes (if any)

@ktomk
Copy link
Collaborator

ktomk commented Apr 27, 2022
edited

Thanks for taking care @neilnaveen, could you please take a look at the commit message (ref):

  • limit the line length to 72 characters in the message, if you have links, reference them and add them to the end of the message, like where the sign-off line was placed.
  • for the sign-off please use a real name and a real mail address. if you don't like that, just leave it out (we don't require sign-offs)
  • for the subject line, please keep it short, e.g. "chore: Dependabot check Github Actions daily" or similar and restrain from past-tense as in "Included".

When you address any of these changes, please amend the commit and force-push to update the PR (instead of closing and creating a new one).

Thanks a lot!

@neilnaveen neilnaveen changed the title chore: Included githubactions in the dependabot config chore: Dependabot check Github Actions daily Apr 28, 2022
@neilnaveen
chore: Dependabot check Github Actions daily
6eedb2e 
This should help with keeping the GitHub actions updated on new
releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure
https://docs.github.com/en/code-security/dependabot

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
@neilnaveen
Copy link
Contributor Author

Thanks for taking care @neilnaveen, could you please take a look at the commit message (ref):

  • limit the line length to 72 characters in the message, if you have links, reference them and add them to the end of the message, like where the sign-off line was placed.
  • for the sign-off please use a real name and a real mail address. if you don't like that, just leave it out (we don't require sign-offs)
  • for the subject line, please keep it short, e.g. "chore: Dependabot check Github Actions daily" or similar and restrain from past-tense as in "Included".

When you address any of these changes, please amend the commit and force-push to update the PR (instead of closing and creating a new one).

Thanks a lot!
I have fixed those issues. Thanks

@cmuench cmuench merged commit 429ac60 into netz98:develop Apr 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@neilnaveen @ktomk @cmuench