I've got a suggestion / request: would you be up for using Dependabot to automatically create dependency update PRs for this repo? I ran it against my fork and it generated these PRs. I'll port the security related ones across to this repo now (I don't think any of them are exploitable, but doesn't hurt to patch).
I built Dependabot, but I'm honestly only suggesting it because I hope it can save you some time. I'd love any feedback, and obviously having open source repos using Dependabot helps boost its profile, but if it's not helpful to you then it's not really worth anything.
You can install it from here or here if you decide to give it a try. It's been through GitHub's security testing (to be allowed in the GitHub Marketplace) and is used by a few thousand organisations, and the source code is here.
First of all, thanks for TestTrack!
I've got a suggestion / request: would you be up for using Dependabot to automatically create dependency update PRs for this repo? I ran it against my fork and it generated these PRs. I'll port the security related ones across to this repo now (I don't think any of them are exploitable, but doesn't hurt to patch).
I built Dependabot, but I'm honestly only suggesting it because I hope it can save you some time. I'd love any feedback, and obviously having open source repos using Dependabot helps boost its profile, but if it's not helpful to you then it's not really worth anything.
You can install it from here or here if you decide to give it a try. It's been through GitHub's security testing (to be allowed in the GitHub Marketplace) and is used by a few thousand organisations, and the source code is here.
:octocat: