I noticed that many of the GitHub Actions used by Jansson are a few major versions out-of-date (i.e. actions/checkout@v2 when there's now v4). A dependency update tool such as dependabot can help keep these Actions up-to-date, giving Jansson access to new features/optimizations that may have been released.
I'll send a PR updating the Actions and setting up dependabot.
Disclosure: My name is Pedro and I work with Google and the Open Source Security Foundation (OpenSSF) to improve the supply-chain security of the open-source ecosystem.
I noticed that many of the GitHub Actions used by Jansson are a few major versions out-of-date (i.e.
actions/checkout@v2when there's nowv4). A dependency update tool such as dependabot can help keep these Actions up-to-date, giving Jansson access to new features/optimizations that may have been released.I'll send a PR updating the Actions and setting up dependabot.
Disclosure: My name is Pedro and I work with Google and the Open Source Security Foundation (OpenSSF) to improve the supply-chain security of the open-source ecosystem.