search

Boavizta / boaviztapi

🛠 Giving access to BOAVIZTA reference data and methodologies trough a RESTful API
GNU Affero General Public License v3.0
75 stars 25 forks source link

Improve our security posture by allowing dependabot to open PR #302

Closed demeringo closed 2 months ago

demeringo commented 2 months ago

Problem

On this repository, dependabot is configured to rise security alerts on dependencies (See https://github.com/Boavizta/boaviztapi/security/dependabot), but the job to create and test the related PR remains manual.

Solution

  1. Configure the test workflow to run on any PR (see #301)
  2. Configure dependabot to automatically open PR about dependencies updates.

Alternatives

Additional context or elements

da-ekchajzer commented 2 months ago

Great idea

demeringo commented 2 months ago

Done