Closed oriontvv closed 8 months ago
(Spam. They've sent 40 identical PRs to other repositories. All PRs have an unparented commit, ie the commits were created without regard to the content of the repository, which in one case meant they submitted a PR to a repository that already had a dependabot config. Not caring about the repository content is also why the dependabot config uses cargo+docker+github-actions even if the repository doesn't use all of them.)
This PR adds dependabot config