rparini
commented
7 months ago I've added the transitiveRemediation flag but it didn't make the PR I was expecting (to resolve https://github.com/rparini/cxroots-app/pull/199). I did solve this with lockFileMaintenance:
"lockFileMaintenance": { "enabled": true },but it's not a focused PR, it just rebuilds the whole lock file. I've taken the lockFileMaintenance out for now and maybe raise an issue with renovate the next time this comes up
Currently dependabot makes security PRs but would be nice to use renovate so that settings like reviewers and automerge are applied
Possibly relevant: