You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/01/05 22:07:46 UTC

[GitHub] [superset] ktmud opened a new pull request #12291: build: ignore github actions from dependabot

ktmud opened a new pull request #12291:
URL: https://github.com/apache/superset/pull/12291


   ### SUMMARY
   
   Let Dependabot ignore `.github/actions`.
   
   ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
   
   We will manually update these inline actions when needed.
   
   ### TEST PLAN
   
   CI must pass.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] robdiciuccio commented on pull request #12291: build: ignore github actions from dependabot

Posted by GitBox <gi...@apache.org>.

robdiciuccio commented on pull request #12291:
URL: https://github.com/apache/superset/pull/12291#issuecomment-754969022


   Does this prevent Dependabot security notifications for Github Actions, or just the automated update PRs? It's not very clear from the [docs](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot).


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] ktmud commented on pull request #12291: build: ignore github actions from dependabot

Posted by GitBox <gi...@apache.org>.

ktmud commented on pull request #12291:
URL: https://github.com/apache/superset/pull/12291#issuecomment-754979743


   @robdiciuccio I think this [does affect security notifications](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#about-the-dependabotyml-file):
   
   >  Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update.
   
   But I just found out you can choose to keep the checks but disable pull requests: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit
   
   Thanks for pointing this out! 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] ktmud edited a comment on pull request #12291: build: ignore github actions from dependabot

Posted by GitBox <gi...@apache.org>.

ktmud edited a comment on pull request #12291:
URL: https://github.com/apache/superset/pull/12291#issuecomment-754979743


   @robdiciuccio I think this [does affect security notifications](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#about-the-dependabotyml-file):
   
   >  Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update.
   
   But I just found out you can choose to keep the checks but disable pull requests: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit
   
   I've updated the PR accordingly. Thanks for pointing this out! 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] ktmud merged pull request #12291: build: ignore github actions from dependabot

Posted by GitBox <gi...@apache.org>.

ktmud merged pull request #12291:
URL: https://github.com/apache/superset/pull/12291


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org

[GitHub] [superset] ktmud closed pull request #12291: build: ignore github actions from dependabot

Posted by GitBox <gi...@apache.org>.

ktmud closed pull request #12291:
URL: https://github.com/apache/superset/pull/12291


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org