Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[APPSEC-480] Add dependabot configuration file to .github directory #19

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Taofeeqib
Copy link

What is this PR about?
• For general version updates of 3rd-party libraries irrespective of security vulnerabilities
• Base configuration for dependabot version update

Why are we doing this?
• To give you the option of automating general version updates of 3rd-party libraries through Dependabot, by approving this PR. However, you can choose to ignore this if you don't want this automation.

How does it help you?
• Reduces your effort and time for version updates by eliminating the need to manually configure this

Note: You can modify the base configuration to suit your needs, please see the documentation and samples

Please reach out to APS squad at #security OR #security-ghas-help OR @security-aps on Slack for any question

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant