Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Dependabot #386

Merged
merged 1 commit into from
Sep 27, 2022
Merged

Add Dependabot #386

merged 1 commit into from
Sep 27, 2022

Conversation

Garfield96
Copy link
Contributor

Signed-off-by: Christian Menges christian.menges@outlook.com

What this PR does / why we need it:

A number of Go dependencies, Docker base images and github actions use outdated versions, which pose a potential security problem and are missing new features. This PR adds Dependabot, to automatically create PRs to update these dependencies, if new versions become available. I limited the schedule to once a month, to reduce the number of created PRs.

Which issue(s) this PR fixes:

Fixes #

Does this PR introduced a user-facing change?

None

Additional documentation, usage docs, etc.:

@Garfield96
Add Dependabot
cb3a2ce 
Signed-off-by: Christian Menges <christian.menges@outlook.com>
@wenchajun
Copy link
Member

This looks fantastic, thanks for your contribution.

@benjaminhuo
Copy link
Member

@Garfield96 Thank you very much for this PR!

@benjaminhuo benjaminhuo merged commit 31bd0e5 into fluent:master Sep 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benjaminhuo benjaminhuo benjaminhuo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Garfield96 @wenchajun @benjaminhuo