awslabs / aws-sdk-kotlin

Multiplatform AWS SDK for Kotlin
Apache License 2.0

chore: enable Dependabot automatic version upgrade PRs #1348

Closed ianbotsf closed 4 months ago

ianbotsf commented 4 months ago

Issue

(none)

Description of changes

This change should enable Dependabot to send PRs to us when new versions of Smithy are launched. Only Smithy is allowlisted for now—we can see if it makes sense to enable for other dependencies in the future.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

github-actions[bot] commented 4 months ago

A new generated diff is ready to view.

github-actions[bot] commented 4 months ago

Affected Artifacts

No artifacts changed size

sonarcloud[bot] commented 4 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

ianbotsf commented 4 months ago

As noted by @lauzadis this change would stop us from receiving automatic security version bump PRs.

From documentation of the allow parameter:

Use the allow option to customize which dependencies are updated. This applies to both version and security updates.

This leaves us with no way to define separate rules for security updates and non-security version upgrades. Since automated security updates are more important, I'm closing this PR for now until such time as feature requests like https://github.com/dependabot/dependabot-core/issues/6380 or https://github.com/dependabot/dependabot-core/issues/1778 are addressed.
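Added example, not part of the PR thread or the project's code: a small check that lists which dependencies a Dependabot `allow` list filters out, and which therefore also stop receiving security update PRs, as the quoted documentation describes. The config is a constructed stand-in for a parsed `.github/dependabot.yml`; the `gradle` ecosystem, the `software.amazon.smithy:*` pattern and the dependency names are assumptions, and only `dependency-name` rules are modelled.

```python
import re

# Constructed sample: parsed form of a dependabot.yml that allowlists only
# Smithy. The ecosystem and the name pattern are assumptions, not the PR's file.
SAMPLE_CONFIG = {
    "version": 2,
    "updates": [{
        "package-ecosystem": "gradle",
        "directory": "/",
        "schedule": {"interval": "weekly"},
        "allow": [{"dependency-name": "software.amazon.smithy:*"}],
    }],
}

# Constructed dependency names standing in for a project's dependency list.
SAMPLE_DEPENDENCIES = [
    "software.amazon.smithy:smithy-model",
    "com.squareup.okhttp3:okhttp",
    "org.jetbrains.kotlinx:kotlinx-coroutines-core",
]


def name_matches(pattern, name):
    """Match a dependency-name pattern; '*' stands for any run of characters."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, name) is not None


def excluded_from_updates(config, dependencies):
    """Return {ecosystem: [names]} for dependencies an `allow` list filters out.

    `allow` applies to version and security updates alike, so every name
    returned here would no longer get security update PRs either.
    """
    report = {}
    for entry in config.get("updates", []):
        rules = entry.get("allow", [])
        # Skip entries with no allow list, or with rules this sketch does not model.
        if not rules or any("dependency-name" not in r for r in rules):
            continue
        patterns = [r["dependency-name"] for r in rules]
        missed = [d for d in dependencies
                  if not any(name_matches(p, d) for p in patterns)]
        if missed:
            report[entry["package-ecosystem"]] = missed
    return report


if __name__ == "__main__":
    for eco, names in excluded_from_updates(SAMPLE_CONFIG, SAMPLE_DEPENDENCIES).items():
        print(f"{eco}: allow list excludes {', '.join(names)}")
```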