search

gravitystorm / openstreetmap-website

The Rails application powering OpenStreetMap
http://www.openstreetmap.org/
GNU General Public License v2.0
2 stars 1 forks source link

Disable dependabot #219

Closed pnorman closed 2 years ago

pnorman commented 2 years ago

URL

No response

How to reproduce the issue?

No response

Screenshot(s) or anything else?

If you go to https://github.com/gravitystorm/openstreetmap-website/settings/security_analysis you can disable dependabot for your fork, avoiding the PRs to update it

gravitystorm commented 2 years ago

Unfortunately this isn’t possible for this repo. I contacted GitHub support about it in 2020 and they said

Thank you for contacting GitHub support. There is a known issue with forked repositories getting automatically enabled if they ever tried Dependabot security updates. The current workaround is to either remove the config file from your forked repository or remove the forked repository entirely and fork it again since new forked repositories don't have this issue.

I’ve tried to avoid deleting this repo since it has its own list of issues and discussions on those issues. But if dependabot is annoying other people as well as just me, I might have to bite the bullet.

pnorman commented 2 years ago

There's only 4 people watching this repo so not a real issue. I mentally filter out all openstreetmap-website dependabot notifications, regardless of origin