Closed arbourd closed 3 months ago
EDIT: Use the right url...
So how does this actually look like?
This?
As long as it won't be doing something funky like automatically committing changes to the repository...
It wouldn't update the repository directly @ac000, but it will open a PR. It would look something like this: https://github.com/arbourd/concourse-slack-alert-resource/pull/115
We already use dependabot for security related patches, by default.
This change adds a dependabot.yml configuration file that explicitly enables the service to manage versions of Actions in GitHub Actions. This ensures that Actions like
setup-go
are updated timely.This change does not affect how Dependabot manages versions for Go, Rust, etc. The file can be used to configure that for additional package managers and languages in the future, if desired.