Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds Dependabot #212

Merged
merged 3 commits into from
Nov 3, 2021
Merged

Adds Dependabot #212

merged 3 commits into from
Nov 3, 2021

Conversation

pinkforest
Copy link
Collaborator

@pinkforest pinkforest commented Nov 3, 2021
edited
Loading

https://deps.rs/repo/github/rust-secure-code/cargo-geiger

Why?

Please note

  • Please enable dependabot under repo settings / security
  • Run manually via insights / dependency graph / dependabot (automatic daily otherwise)
  • Add labels "deps" and "ci" for PRs so they can be searched/categorised

@pinkforest pinkforest mentioned this pull request Nov 3, 2021
Closed
@pinkforest
Copy link
Collaborator Author

@tarcieri can you review this thru pls thanks

@tarcieri tarcieri merged commit 99c75d8 into geiger-rs:master Nov 3, 2021
tarcieri
tarcieri reviewed Nov 18, 2021
View reviewed changes
.github/dependabot.yml
labels:
- "domain: deps"
commit-message:
prefix: "* RoboYak deps"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess I missed this: seems like it might be copypasta? It should probably be changed

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing wrong with it really? just how I do it elsewhere... I like clear prefixed commit messages and put labels so I can organise my PRs appropriately with them.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aah, ok. I was confused by the name "RoboYak". I assumed it was some other project you had copied and pasted the Dependabot config from.

Perhaps we could change it to something a little less surprising like "Dependabot"?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tarcieri tarcieri tarcieri approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pinkforest @tarcieri