chore: pin all package dependencies

errbotio / errbot

Errbot is a chatbot, a daemon that connects to your favorite chat service and bring your tools and some fun into the conversation.

http://errbot.io

GNU General Public License v3.0

3.12k stars 612 forks source link

chore: pin all package dependencies #1553

Closed sijis closed 2 years ago

sijis commented 2 years ago

Pinning all package dependencies.

sijis commented 2 years ago

This looks good to me. Is there a security bot in-place that'll track dependencies (dependabot or whatever) that will prompt us for stream updates?

I had the same thought too. There is dependabot but based on our current project layout I dont think it will detect the packages, so i'd have to swtich things up a bit to make that work. I did enable it though, so we'll see.