Noticed on recent dependabot PR the below being added to the PR.
Would using any of these options (i.e. like @dependabot close which prevent
some of the repeats notifications) help?
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- @dependabot reb
IMO it is the dependency's developer's duti to keep their private key safe, and
oss 's duty to keep the uploaded dependency stored and delivered safe.
If you really think to apply zero trust in this way, maybe we shall also think
git, github, maven, jdk, system,all of them have possibility to co
Late to the discussion but I think what is being said and with a few follow up
questions is…
The problem discussed is when a dependabot check occurs following a commit, it
highlights out of date dependencies (possibly security related) which notifies
folks via an automated email sent to multipl
Maybe a bit late in the game, but still:
In face of the fact, that we are already looking at a multi module project:
Having all the examples within a dedicated module added into the
hierarchy would allow us, to have it all, and still without burdening
the RM:
- keeping the examples current b
Hi All
I have created a new *PR*(*#200*) with all changes under a single
commit message. Kindly review the same and let me know if any further
change is required.
Thanks & Regards
--Avijit Basak
On Mon, 27 Dec 2021 at 23:31, Gilles Sadowski wrote:
> Hello.
>
> Le lun. 27 déc. 2021 à 16
