publicdata/j40-cejst-2
1
0
Fork 0
mirror of https://github.com/DOI-DO/j40-cejst-2.git synced 2025-02-23 01:54:18 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Document current dependabot issues in config file

Browse source 
Fixes: https://github.com/usds/justice40-tool/issues/1121

It's unclear whether this file is doing what we want it to do. This is
an open issue in the dependabot repo. Added a comment to document the
current status of what's going on here.

If these keep coming up (which they probably will), we might either want
to disable dependabot or document a quick workflow for verifying this is
a dev only issue (https://github.com/usds/justice40-tool/issues/1121
might be that documentation).
This commit is contained in:
Shaun Verch 2022-01-11 12:00:07 -05:00
parent 0abf04d6c2
commit ba047ff643
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.github/dependabot.yml vendored
View file

@ -1,3 +1,6 @@
# It's unclear whether this configuration is supported for stopping dev only
# security issues, see https://github.com/usds/justice40-tool/issues/1121 and
# https://github.com/dependabot/dependabot-core/issues/2521.
version: 2 version: 2
updates: updates:
- package-ecosystem: "npm" - package-ecosystem: "npm"