Currently it is not possible to setup dependabot to automatically create PR's for security vulnerabilities in our gems, due to our use of git-version bump. The following lines
Looking through their repository, they don't seem horribly responsive to issues. If this is going to get fixed we will most likely have to fix it and submit a PR.
Currently it is not possible to setup dependabot to automatically create PR's for security vulnerabilities in our gems, due to our use of git-version bump. The following lines
https://github.com/mitre/inspec_tools/blob/dea500e4a854449a556ff523ccff147f4a416b73/inspec_tools.gemspec#L6-L10
Cause the following error on dependabot.
Looking through their repository, they don't seem horribly responsive to issues. If this is going to get fixed we will most likely have to fix it and submit a PR.