chore: Included githubactions in the dependabot config - Githubissues

allenai / allennlp

An open-source NLP research library, built on PyTorch.

http://www.allennlp.org

Apache License 2.0

11.72k stars 2.25k forks source link

chore: Included githubactions in the dependabot config #5633

Closed naveensrinivasan closed 2 years ago

naveensrinivasan commented 2 years ago

This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool Signed-off-by: naveensrinivasan 172697+naveensrinivasan@users.noreply.github.com

dirkgr commented 2 years ago

This change is merged. I'm not sure why GitHub doesn't notice that.