You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/01/05 22:07:46 UTC
[GitHub] [superset] ktmud opened a new pull request #12291: build: ignore github actions from dependabot
ktmud opened a new pull request #12291:
URL: https://github.com/apache/superset/pull/12291
### SUMMARY
Let Dependabot ignore `.github/actions`.
### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
We will manually update these inline actions when needed.
### TEST PLAN
CI must pass.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] robdiciuccio commented on pull request #12291: build: ignore github actions from dependabot
Posted by GitBox <gi...@apache.org>.
robdiciuccio commented on pull request #12291:
URL: https://github.com/apache/superset/pull/12291#issuecomment-754969022
Does this prevent Dependabot security notifications for Github Actions, or just the automated update PRs? It's not very clear from the [docs](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] ktmud commented on pull request #12291: build: ignore github actions from dependabot
Posted by GitBox <gi...@apache.org>.
ktmud commented on pull request #12291:
URL: https://github.com/apache/superset/pull/12291#issuecomment-754979743
@robdiciuccio I think this [does affect security notifications](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#about-the-dependabotyml-file):
> Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update.
But I just found out you can choose to keep the checks but disable pull requests: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit
Thanks for pointing this out!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] ktmud edited a comment on pull request #12291: build: ignore github actions from dependabot
Posted by GitBox <gi...@apache.org>.
ktmud edited a comment on pull request #12291:
URL: https://github.com/apache/superset/pull/12291#issuecomment-754979743
@robdiciuccio I think this [does affect security notifications](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#about-the-dependabotyml-file):
> Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update.
But I just found out you can choose to keep the checks but disable pull requests: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit
I've updated the PR accordingly. Thanks for pointing this out!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] ktmud merged pull request #12291: build: ignore github actions from dependabot
Posted by GitBox <gi...@apache.org>.
ktmud merged pull request #12291:
URL: https://github.com/apache/superset/pull/12291
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org
[GitHub] [superset] ktmud closed pull request #12291: build: ignore github actions from dependabot
Posted by GitBox <gi...@apache.org>.
ktmud closed pull request #12291:
URL: https://github.com/apache/superset/pull/12291
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org