publicdata/j40-cejst-2
1
0
Fork 0
mirror of https://github.com/DOI-DO/j40-cejst-2.git synced 2025-02-22 01:31:25 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Silence dev only vulnerabilities (#1041)

Browse source 
Showing obscure vulnerabilities that only exist in the dev setup creates
more noise and means that they just get ignored (because they are
probably low priority). Silencing them means when we get a vulnerable
dependency alert we know to pay attention to it.

Comes from https://github.com/dependabot/dependabot-core/issues/2521 and
501bbef578.
This commit is contained in:
Shaun Verch 2021-12-13 13:54:59 -05:00 committed by GitHub
parent ad6dbf9709
commit 83eb7b0982
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,8 @@
version: 2
updates:
- package-ecosystem: "npm"
directory: "/**"
schedule:
interval: "daily"
allow:
- dependency-type: "production"