test-summary / action

Show a helpful summary of test results in GitHub Actions CI/CD workflow runs
MIT License
387 stars 32 forks

[Feature] Add dependabot #29

Closed andrewbruno closed 6 months ago

andrewbruno commented 1 year ago

We would like to use this action in our organization, but would like better security practices.

Would it be possible to add dependabot?

https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates

andrewbruno commented 1 year ago

@ethomson love your work, so don't want to take any credit. I did however fork your project in order to do some security analysis to get it approved for my company.

Dependabot is pretty cool, strongly recommend adding:

image

ethomson commented 1 year ago

Good call, thanks @andrewbruno -- I added dependabot and codeql

andrewbruno commented 1 year ago

Awesome, looking forward to seeing version 2.2

ethomson commented 6 months ago

Closing this - let me know if there's anything else that we can do 🙏