Missing security policy and dependabot workflow

Madrapps / jacoco-report

Github action that publishes the JaCoCo report as a comment in the Pull Request

https://github.com/marketplace/actions/jacoco-report

MIT License

144 stars 63 forks source link

Missing security policy and dependabot workflow #90

Closed w0rmr1d3r closed 6 days ago

w0rmr1d3r commented 4 months ago

Hello maintainers,

I come with a couple of questions:

I see this repo lacks a security policy (see: https://github.com/Madrapps/jacoco-report/security), are there any plans to have one?

At the same time, I saw both the issue and PR about bumping/upgrading this action to use node v20, since node v16 seems to be deprecated. Are there any plans to add a .dependabot workflow to also keep up with dependencies updates?

Thank you in advance

instrap commented 6 days ago

Thanks for raising this issue. We have added both now.