Skip to content
This repository was archived by the owner on Aug 30, 2024. It is now read-only.

chore: use dependabot to manage dependencies #259

Merged
merged 1 commit into from
Mar 6, 2021
Merged

chore: use dependabot to manage dependencies #259

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
chore: use dependabot to manage dependencies 
Use dependabot to manage the dependencies defined in go.mod and
GitHub Actions workflows, so that we can proactively update versions.

Outdated versions of third-party dependencies frequently have known
security vulnerabilities with CVEs.
  • Loading branch information
@jawnsy
jawnsy committed Mar 6, 2021
commit cecd8d1af6308880e55fae5ee511324cbf642c1e
19 changes: 19 additions & 0 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
time: "11:00"
open-pull-requests-limit: 10
assignees:
- "dependabot"

- package-ecosystem: gomod
directory: "/"
schedule:
interval: daily
time: "11:00"
open-pull-requests-limit: 10
assignees:
- "dependabot"