Resolves: Add security and versioning dependency alerts #944

Open
wants to merge 23 commits into
base: main
from
Open
Changes from 2 commits
ebf208c
Feature/dependabot (#1)
aleks-ivanov May 25, 2021
6caf942
add more dependency sources and private registry declaration
aleks-ivanov Jun 3, 2021
cc2dd6d
Merge branch 'main' into feature/dependabot
aleks-ivanov Jun 5, 2021
a8d5dc8
Merge branch 'main' into feature/dependabot
aleks-ivanov Jun 13, 2021
986b43e
Merge branch 'main' into feature/dependabot
aleks-ivanov Jun 14, 2021
d11eab1
add private feed to the proper
aleks-ivanov Jul 22, 2021
61ca15a
Merge branch 'main' into feature/dependabot
aleks-ivanov Jan 22, 2022
862a78b
Merge branch 'main' into feature/dependabot
aleks-ivanov Jan 28, 2022
f9e59b2
Merge branch 'main' into feature/dependabot
aleks-ivanov Feb 1, 2022
58ac305
Merge branch 'main' into feature/dependabot
aleks-ivanov Feb 2, 2022
9891f2b
Merge branch 'main' into feature/dependabot
aleks-ivanov Feb 4, 2022
a5c78c1
Merge branch 'main' into feature/dependabot
aleks-ivanov Feb 15, 2022
c822b33
Merge branch 'main' into feature/dependabot
aleks-ivanov Apr 15, 2022
7b26430
Merge branch 'main' into feature/dependabot
aleks-ivanov Apr 22, 2022
fec28df
Merge branch 'main' into feature/dependabot
aleks-ivanov May 3, 2022
da56bb6
Merge branch 'main' into feature/dependabot
aleks-ivanov May 7, 2022
fb776c8
Merge branch 'main' into feature/dependabot
aleks-ivanov May 20, 2022
478e10e
Merge branch 'main' into feature/dependabot
aleks-ivanov May 25, 2022
097cb56
Merge branch 'main' into feature/dependabot
aleks-ivanov Oct 25, 2022
44e4fe8
Merge branch 'main' into feature/dependabot
aleks-ivanov Nov 2, 2022
8f44337
Merge branch 'main' into feature/dependabot
aleks-ivanov Jan 7, 2023
53c93ad
Merge branch 'main' into feature/dependabot
aleks-ivanov Feb 1, 2023
0798170
Merge branch 'main' into feature/dependabot
aleks-ivanov Mar 2, 2023
283 changes: 283 additions & 0 deletions .github/dependabot.yml
@@ -0,0 +1,283 @@
version: 2
registries:
visual-studio-securitytools:
type: nuget-feed
url: https://securitytools.pkgs.visualstudio.com/_packaging/Guardian/nuget/v3/index.json
# token: ${{ secrets.NUGET_PRIVATE_REG_TOKEN }}
Author


To allow Dependabot to suggest updates for dependencies in eng/common/sdl/packages.config:

  • add the registry token as a GitHub secret with the name NUGET_PRIVATE_REG_TOKEN and uncomment the `token` line above

updates:
- package-ecosystem: 'maven'
directory: 'benchmark/scala'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'maven'
directory: 'src/scala'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'maven'
directory: 'src/scala/microsoft-spark-2-4'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'maven'
directory: 'src/scala/microsoft-spark-3-0'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'maven'
directory: 'src/scala/microsoft-spark-3-1'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'benchmark/csharp'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'benchmark/csharp/Tpch'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'eng/common/internal'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'eng/common/sdl'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'examples'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'examples/Microsoft.Spark.CSharp.Examples'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'examples/Microsoft.Spark.FSharp.Examples'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Extensions/Microsoft.Spark.Extensions.Delta'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Extensions/Microsoft.Spark.Extensions.Delta.E2ETest'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Extensions/Microsoft.Spark.Extensions.DotNet.Interactive'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Extensions/Microsoft.Spark.Extensions.DotNet.Interactive.UnitTest'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Extensions/Microsoft.Spark.Extensions.Hyperspace'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Extensions/Microsoft.Spark.Extensions.Hyperspace.E2ETest'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Microsoft.Spark'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Microsoft.Spark.E2ETest'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Microsoft.Spark.E2ETest.ExternalLibrary'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Microsoft.Spark.UnitTest'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Microsoft.Spark.Worker'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

- package-ecosystem: 'nuget'
directory: 'src/csharp/Microsoft.Spark.Worker.UnitTest'
open-pull-requests-limit: 10
schedule:
interval: 'daily'
# target-branch: 'develop'
# assignees:
# - assignee_one
# reviewers:
# - reviewer_one

# Built with ❤ by [Pipeline Foundation](https://pipeline.foundation)
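Review bot: The `visual-studio-securitytools` registry is declared at the top of the file, but none of the `updates` entries visible here carries a `registries` key, so Dependabot will not use the feed for the `eng/common/sdl` entry it appears to be meant for. Add `registries:` with `- visual-studio-securitytools` under the `nuget` entry whose `directory` is `'eng/common/sdl'`, and keep it scoped to that entry rather than `'*'` so the credential is only offered where the private feed is needed. Once the `token` line is enabled, it is also worth confirming that packages hosted on the private feed cannot be resolved by name from the public NuGet source, since mixing the two sources is the usual setup for dependency confusion.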