dependabot / fetch-metadata

Extract information about the dependencies being updated by a Dependabot-generated PR.
MIT License
182 stars 61 forks source link

Switch to the official action for managing app tokens #504

Closed jeffwidman closed 7 months ago

jeffwidman commented 7 months ago

Improve security by switching to the official GitHub action for managing app tokens. More details.

The repositories key is safe to remove because per the docs:

If owner and repositories are empty, access will be scoped to only the current repository.

See also: