[Query] How to label Dependabot Security Alert PRs

crazy-max / ghaction-github-labeler

GitHub Action to manage labels on GitHub

https://github.com/marketplace/actions/github-labeler

MIT License

143 stars 17 forks source link

[Query] How to label Dependabot Security Alert PRs #133

Closed ejntaylor closed 3 years ago

ejntaylor commented 3 years ago

Dependabot creates two types of pull requests - standard version bumps and security vulnerability bumps.

Is there a way we can use your labeler action to add a specific 'security' label to the latter?

Thanks

crazy-max commented 3 years ago

@raisonon Not possible and not the purpose of this action. I think it has to be done on Dependabot side with a new attribute like security-labels. Suggest to leave an issue on their repo: https://github.com/dependabot/dependabot-core

ejntaylor commented 3 years ago

Thanks. For reference: https://github.com/dependabot/dependabot-core/issues/3726