Closed andrewbruno closed 6 months ago
@ethomson love your work, so don't want to take any credit. I did however fork your project in order to do some security analysis to get it approved for my company.
Dependabot is pretty cool, strongly recommend adding:
Good call, thanks @andrewbruno -- I added dependabot and codeql
Awesome, looking forward to seeing version 2.2
Closing this - let me know if there's anything else that we can do 🙏
We would like to use this action in our organization, but would like better security practices.
Would it be possible to add dependabot
https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates