github/dependabot: create security fix PRs only #639

igungor · 2023-08-08T08:24:41Z

Dependabot became annoying very fast. The only way to disable release
updates but allow security fixes is to set open pull request limit
to 0, according to
https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit

Dependabot became annoying very fast. The only way to disable release updates but allow security fixes is to set open pull request limit to 0, according to https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit

igungor requested a review from a team as a code owner August 8, 2023 08:24

igungor requested review from ilkinulas and seruman and removed request for a team August 8, 2023 08:24

seruman approved these changes Aug 8, 2023

View reviewed changes

ilkinulas approved these changes Aug 8, 2023

View reviewed changes

igungor merged commit ab52b9c into master Aug 8, 2023
13 checks passed

igungor deleted the dependabot-sec-only branch August 8, 2023 08:59

Provide feedback