Dependabot Integration #251
Assignees
Labels
Comments
elliot-huffman
added
enhancement
Merged
|
@rhys-vdw, since this is merged now, ready for publishing a major release (since old version of node support was dropped)! I have no other updates for now. I will work on prettier and some auto formatting a little later. I am done for today and until I get some milestones done on my project since I got this supply chain security dramatically improved 😊 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Rhys,
I would like to propose deep Dependabot integration for automated dependency update PRs.
Dependabot is currently only in security scanning mode.
This is a great first step, why not use it to its full potential?
Fear not, this isn't as difficult as it sounds, I have created a PR (merge only after the VS code #250 is merged) to do just this.
This initial PR only enables Dependabot to scan the NPM and GH Actions versions for newer versions, in a future update, we can configure it to auto merge the PRs it will auto generate when all of the tests successfully run.
By enabling Debendabot, it will also enable the dependency graph feature for dependabot:
Changes:
The text was updated successfully, but these errors were encountered: