You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by Wei-Chiu Chuang <we...@apache.org> on 2022/04/05 06:16:23 UTC

Fwd: [NOTICE] Dependabot Updates enabled for all projects

---------- Forwarded message ---------
From: Chris Lambertus <cm...@apache.org>
Date: Tue, Apr 5, 2022 at 12:38 PM
Subject: [NOTICE] Dependabot Updates enabled for all projects
To: <an...@infra.apache.org>

Hi folks,

Infra is pleased to announce that GitHub’s Dependabot service has been
approved for use by ASF Legal and Infra, and is now enabled for all repos.
Dependabot will create PRs in your repo with recommended security updates
for your project. It is entirely up to the project to accept or reject
these PRs.

Dependabot Alerts can also be configured per-project, but currently the
notifications go to Org Admins only. If your project wishes to receive
Dependabot Alerts via email, please open an Infra Jira ticket so that we
can add your committer team to the alerts.

-Chris
ASF Infra