Closed kenoir closed 4 months ago
Developers who want to understand if there are any security issues with our code.
This allows Dependabot to have visibility of security issues in our dependencies and raise relevant alerts.
See: https://github.com/scalacenter/sbt-dependency-submission
[!NOTE] This change does not automatically raise PRs to fix issues, we probably require scala-steward or similar for that.
See https://www.scala-lang.org/blog/2022/07/18/secure-your-dependencies-on-github.html for more information.
Part of https://github.com/wellcomecollection/platform-infrastructure/issues/431
Who is this change for?
Developers who want to understand if there are any security issues with our code.
What does this change do?
This allows Dependabot to have visibility of security issues in our dependencies and raise relevant alerts.
See: https://github.com/scalacenter/sbt-dependency-submission
See https://www.scala-lang.org/blog/2022/07/18/secure-your-dependencies-on-github.html for more information.