Add dependabot.yml to enable version updates for GitHub actions#653
Merged
e-perl-NOAA merged 2 commits intomainfrom Feb 4, 2025
Merged
Add dependabot.yml to enable version updates for GitHub actions#653e-perl-NOAA merged 2 commits intomainfrom
e-perl-NOAA merged 2 commits intomainfrom
Conversation
iantaylor-NOAA
approved these changes
Feb 4, 2025
Contributor
iantaylor-NOAA
left a comment
iantaylor-NOAA
left a comment
There was a problem hiding this comment.
@e-perl-NOAA, thanks for adding this. I haven't tried to fully understand dependabot, but I'm convinced that the change is valuable and the risk is low.
Collaborator
Author
|
@iantaylor-NOAA here is an example of the dependabot in action! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Concisely describe what has been changed/addressed in the pull request.
Add dependabot.yml to enable version updates for GitHub actions. This will check for updates to GitHub actions common reusable workflows which are otherwise hard to keep track of.
FIMS has also implemented dependapot.yml - see here.
You can find more information on dependabot here.
What tests have been done?
Where are the relevant files?
What tests/review still need to be done?
None.
Is there an input change for users to Stock Synthesis?
Additional information (optional).