Closed swcurran closed 5 years ago
Thinking we can just turn on the automated feature which is using dependabot;
I turned on Automated security fixes on all of the VON repositories over which I have control.
Process: Click on the Security tab for the repository. Enable Automated security fixes.
Found on the rocketchat channels:
https://dependabot.com/docs/config-file/
It automatically detects new versions of dependencies and creates a pull request for them. Also does security PRs
dependabot was acquired by Github and is now free
This would be really useful for all of our repos, so let's experiment with it in indy-catalyst and/or indycat-agent. If it is good - we can expand it's use.
@WadeBarnes - please reassign if this should be a dev task.
FYI - @nrempel @esune @ianco @cywolf