Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Limit dependabot to security updates #113

Merged
merged 1 commit into from
Feb 17, 2021
Merged

Limit dependabot to security updates #113

merged 1 commit into from
Feb 17, 2021

Conversation

markcellus
Copy link
Owner

This updates the dependabot configuration to only open PRs to upgrade dependencies with security vulnerabilities. This will save time from having to keep closing (postponing) dependabot PRs while much of the repo is still a work in progress.

Resolves #111

keithamus
keithamus approved these changes Feb 17, 2021
View reviewed changes
Copy link
Collaborator

@keithamus keithamus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 nice!

@keithamus keithamus merged commit cc9745b into master Feb 17, 2021
@keithamus keithamus deleted the limit_dependabot_to_sec_updates branch February 17, 2021 12:26
markcellus added a commit that referenced this pull request Mar 3, 2021
@markcellus
Delete dependabot.yml
335039d 
The Dependabot configuration file was invalid so this removes it entirely--we don't need it. This, in effect, still achieves the same goal as in #113.
@markcellus markcellus mentioned this pull request Mar 3, 2021
Merged
markcellus added a commit that referenced this pull request May 9, 2021
@markcellus
Delete dependabot.yml (#126)
b65eac0 
The Dependabot configuration file was invalid so this removes it entirely--we don't need it. This, in effect, still achieves the same goal as in #113.
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Delete dependabot.yml (#126)
efc6981 
The Dependabot configuration file was invalid so this removes it entirely--we don't need it. This, in effect, still achieves the same goal as in #113.
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Limit dependabot to security updates (#113)
162eccb
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Delete dependabot.yml (#126)
d1950eb 
The Dependabot configuration file was invalid so this removes it entirely--we don't need it. This, in effect, still achieves the same goal as in #113.
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Limit dependabot to security updates (#113)
212d94d
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Limit dependabot to security updates (#113)
dcd9b86
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Limit dependabot to security updates (#113)
cff533e
markcellus added a commit that referenced this pull request Aug 18, 2022
@markcellus
Delete dependabot.yml (#126)
a807378 
The Dependabot configuration file was invalid so this removes it entirely--we don't need it. This, in effect, still achieves the same goal as in #113.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@keithamus keithamus keithamus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Should we disable the dependabot PRs?
2 participants
@markcellus @keithamus