mysticaltech
commented
1 week ago Looking good! It changes rarely. If dependabot can do it why not, but not sure it supports that kind of updates. It's already active in the repo normally.
Closed pat-s closed 1 day ago
mysticaltech
commented
1 week ago Looking good! It changes rarely. If dependabot can do it why not, but not sure it supports that kind of updates. It's already active in the repo normally.
pat-s
commented
1 week ago I am saying this in the hope that there is motivation to keep all dependencies of this module up-to-date. I myself don't use dependabot but renovate, which can be configured to also check versions in files living in subdirs in any file.
I understand that it is hard to keep everything up-to-date if not all versions are located in a single file. However, I think it is important for such projects as otherwise this is an (easy) entrypoint for CVE or other failures related to leaving certain deps behind.
mysticaltech
commented
1 week ago You are totally right @pat-s. Will looking into Renovate.
janfrederik
commented
1 week ago Thanks, @pat-s! A few days ago I just made the same changes in my fork to propose a pull request ;-)
@mysticaltech Can these be taken care of by dependabot? Mainly the
selinuxone, the other one is only due every two years.