one unintended effect of reopening Git repositories for
 https://issues.apache.org/jira/browse/ATTIC-234
is that dependabot is activating again

Is the work on ATTIC-234, just need to archive the Git repositories again?

or should we do something to deactivate Dependabot?

Regards,

Hervé

Le jeudi 22 mai 2025, 20:50:36 CEST dependabot[bot] (via GitHub) a écrit :
> dependabot[bot] opened a new pull request, #647:
> URL: https://github.com/apache/usergrid/pull/647
> 
>    Bumps
> [org.eclipse.jgit:org.eclipse.jgit](https://github.com/eclipse-jgit/jgit)
> from 3.1.0.201310021548-r to 7.2.1.202505142326-r. <details>
>    <summary>Commits</summary>
>    <ul>
>    <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/c212ced3806862cacfa8cb85c
> f221061c7898b91"><code>c212ced</code></a> JGit v7.2.1.202505142326-r</li>
> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/c6fc3607079022e95b018b60c
> 830b3da63bf6fef"><code>c6fc360</code></a> AmazonS3: Do not accept DOCTYPE
> and entities</li> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/dab4f52d49a4638142027b916
> e31a5a470df7f03"><code>dab4f52</code></a> ManifestParser: Do not accept
> DOCTYPE and entities</li> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/46a6378789fdc75e5b00d8009
> b136462bdd97174"><code>46a6378</code></a> Fix package name of spring boot
> JarLauncher class in jgit.sh</li> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/79736e412e971cea1d034e18d
> 784f1d4d12b3a0f"><code>79736e4</code></a> Prepare 7.2.1-SNAPSHOT builds</li>
> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/fddef06ccb0034b6b747a6253
> 2025d3d712dbe47"><code>fddef06</code></a> JGit v7.2.0.202503040940-r</li>
> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/c43126fc84a5f123b2dec8afe
> 1b3815ffba865d0"><code>c43126f</code></a> JGit v7.2.0.202503040805-r</li>
> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/28136bc499832d6031e1b99d9
> 8d0328c17d469d3"><code>28136bc</code></a> CacheRegion: fix non translatable
> text warnings</li> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/1468a80ff7859995c3a2e2018
> bbfea81312c76e9"><code>1468a80</code></a> Merge branch 'master' into
> stable-7.2</li> <li><a
> href="https://github.com/eclipse-jgit/jgit/commit/4ef88700db1da4ab07917b084
> 057769a43735682"><code>4ef8870</code></a> Ensure access to autoRefresh is
> thread-safe</li> <li>Additional commits viewable in <a
> href="https://github.com/eclipse-jgit/jgit/compare/v3.1.0.201310021548-r...
> v7.2.1.202505142326-r">compare view</a></li> </ul>
>    </details>
>    <br />
> 
> 
>    [![Dependabot compatibility
> score](https://dependabot-badges.githubapp.com/badges/compatibility_score?d
> ependency-name=org.eclipse.jgit:org.eclipse.jgit&package-manager=maven&previ
> ous-version=3.1.0.201310021548-r&new-version=7.2.1.202505142326-r)](https://
> docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot
> -security-updates#about-compatibility-scores)
> 
>    Dependabot will resolve any conflicts with this PR as long as you don't
> alter it yourself. You can also trigger a rebase manually by commenting
> `@dependabot rebase`.
> 
>    [//]: # (dependabot-automerge-start)
>    [//]: # (dependabot-automerge-end)
> 
>    ---
> 
>    <details>
>    <summary>Dependabot commands and options</summary>
>    <br />
> 
>    You can trigger Dependabot actions by commenting on this PR:
>    - `@dependabot rebase` will rebase this PR
>    - `@dependabot recreate` will recreate this PR, overwriting any edits
> that have been made to it - `@dependabot merge` will merge this PR after
> your CI passes on it - `@dependabot squash and merge` will squash and merge
> this PR after your CI passes on it - `@dependabot cancel merge` will cancel
> a previously requested merge and block automerging - `@dependabot reopen`
> will reopen this PR if it is closed
>    - `@dependabot close` will close this PR and stop Dependabot recreating
> it. You can achieve the same result by closing it manually - `@dependabot
> show <dependency name> ignore conditions` will show all of the ignore
> conditions of the specified dependency - `@dependabot ignore this major
> version` will close this PR and stop Dependabot creating any more for this
> major version (unless you reopen the PR or upgrade to it yourself) -
> `@dependabot ignore this minor version` will close this PR and stop
> Dependabot creating any more for this minor version (unless you reopen the
> PR or upgrade to it yourself) - `@dependabot ignore this dependency` will
> close this PR and stop Dependabot creating any more for this dependency
> (unless you reopen the PR or upgrade to it yourself) You can disable
> automated security fix PRs for this repo from the [Security Alerts
> page](https://github.com/apache/usergrid/network/alerts).
> 
>    </details>




Reply via email to