Dependabot doesn't seem to be working for this repo!
Could enable periodic checks with e.g. Safety or Trivy. The latter definitely understands poetry.lock files. The former can't read a poetry.lock directly but is still an option.
Best to implement as a GitHub Action (see also Issue #152) rather than hack these checks into our Travis configs.
Dependabot doesn't seem to be working for this repo!
Could enable periodic checks with e.g. Safety or Trivy. The latter definitely understands
poetry.lock
files. The former can't read apoetry.lock
directly but is still an option.Best to implement as a GitHub Action (see also Issue #152) rather than hack these checks into our Travis configs.