Difference between revisions of "GitHub dependabot"
Jump to navigation
Jump to search
↑ https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/
↑ https://github.blog/2020-09-30-code-scanning-is-now-available/
| Line 13: | Line 13: | ||
* https://stackoverflow.com/questions/tagged/dependabot?tab=Votes | * https://stackoverflow.com/questions/tagged/dependabot?tab=Votes | ||
* Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2 | * Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2 | ||
| − | :::<code>if: ${{ github.actor == 'dependabot[bot]' }}</code> | + | :::<code>if: ${{ [[github.actor]] == 'dependabot[bot]' }}</code> |
== Related == | == Related == | ||
Revision as of 11:11, 20 April 2022
wikipedia:Dependabot (May 2019) automated dependency updates built into GitHub since May 2019.[1]
- Configuration:
.github/dependabot.yml
Contents
Changelog
- Feb 2022 https://github.blog/2022-02-08-improving-developer-experience-dependabot-alerts/
- Dependabot version updates https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/
Activities
- https://stackoverflow.com/questions/tagged/dependabot?tab=Votes
- Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2
if: ${{ github.actor == 'dependabot[bot]' }}
Related
- Dependabot alerts
- GitHub security: GitHub code scanning (Sep 2020 [2])
- Semantic Versioning (semver)
- Amazon Inspector (Oct 2015)
npm audit
See also
- Dependabot, Dependabot alerts,
.github/dependabot.yml - GitHub security, GitHub Advanced Security (GHAS), GitHub Security Advisory (GHSA), GitHub code scanning, GitHub dependabot
Advertising:
