Difference between revisions of "GitHub dependabot"
Jump to navigation
Jump to search
↑ https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/
↑ https://github.blog/2020-09-30-code-scanning-is-now-available/
(7 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | [[wikipedia:Dependabot]] (May 2019) automated dependency updates built into GitHub since May 2019.<ref>https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/</ref> | + | [[wikipedia:Dependabot]] (May 2019) automated dependency updates built into [[GitHub]] since May 2019.<ref>https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/</ref> |
− | https://github.com/dependabot | + | * Homepage: https://github.com/dependabot |
− | |||
− | |||
* Configuration: <code>[[.github/]][[dependabot.yml]]</code> | * Configuration: <code>[[.github/]][[dependabot.yml]]</code> | ||
Line 13: | Line 11: | ||
* https://stackoverflow.com/questions/tagged/dependabot?tab=Votes | * https://stackoverflow.com/questions/tagged/dependabot?tab=Votes | ||
* Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2 | * Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2 | ||
− | :::<code>if: ${{ github.actor == 'dependabot[bot]' }}</code> | + | :::<code>if: ${{ [[github.actor]] == 'dependabot[bot]' }}</code> |
== Related == | == Related == | ||
− | * Dependabot alerts | + | * [[Dependabot alerts]] |
* [[GitHub security]]: [[GitHub code scanning]] (Sep 2020 <ref>https://github.blog/2020-09-30-code-scanning-is-now-available/</ref>) | * [[GitHub security]]: [[GitHub code scanning]] (Sep 2020 <ref>https://github.blog/2020-09-30-code-scanning-is-now-available/</ref>) | ||
* [[Semantic Versioning]] ([[semver]]) | * [[Semantic Versioning]] ([[semver]]) | ||
* [[Amazon Inspector]] ([[AWS timeline|Oct 2015]]) | * [[Amazon Inspector]] ([[AWS timeline|Oct 2015]]) | ||
* <code>[[npm audit]]</code> | * <code>[[npm audit]]</code> | ||
+ | * [[GitHub Advanced Security]] include [[code scanning]] alerts | ||
+ | * [[Renovate]] bot | ||
== See also == | == See also == | ||
* {{Dependabot}} | * {{Dependabot}} | ||
* {{GitHub security}} | * {{GitHub security}} | ||
+ | * {{Bot}} | ||
[[Category:GitHub]] | [[Category:GitHub]] |
Latest revision as of 13:10, 12 April 2023
wikipedia:Dependabot (May 2019) automated dependency updates built into GitHub since May 2019.[1]
- Homepage: https://github.com/dependabot
- Configuration:
.github/dependabot.yml
Contents
Changelog[edit]
- Feb 2022 https://github.blog/2022-02-08-improving-developer-experience-dependabot-alerts/
- Dependabot version updates https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/
Activities[edit]
- https://stackoverflow.com/questions/tagged/dependabot?tab=Votes
- Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2
if: ${{ github.actor == 'dependabot[bot]' }}
Related[edit]
- Dependabot alerts
- GitHub security: GitHub code scanning (Sep 2020 [2])
- Semantic Versioning (semver)
- Amazon Inspector (Oct 2015)
npm audit
- GitHub Advanced Security include code scanning alerts
- Renovate bot
See also[edit]
- Dependabot, Dependabot alerts,
.github/dependabot.yml
- GitHub security, GitHub Advanced Security (GHAS), GitHub Security Advisory (GHSA), GitHub code scanning, GitHub dependabot
- Bot, Bad Bots, Renovate bot, Dependabot
Advertising: