You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by GitBox <gi...@apache.org> on 2021/06/15 11:54:01 UTC

[GitHub] [logging-log4j2] garydgregory commented on pull request #515: Update dependabot to track github action and dockerfile dependencies

garydgregory commented on pull request #515:
URL: https://github.com/apache/logging-log4j2/pull/515#issuecomment-861434403


   We use Dependabot in Apache Commons, super useful IMO, you get a PR and
   GitHub build to go along with a dependency change which gives you more
   confidence that a dependecy is OK to update.
   
   Gary
   
   
   On Mon, Jun 14, 2021, 20:43 Matt Sicker ***@***.***> wrote:
   
   > We have a Docker file for building that we don't really use for anything.
   > I think we do a pretty good job of updating dependencies normally, but a
   > Dependabot config for Maven plugins would be useful.
   >
   > —
   > You are receiving this because you are subscribed to this thread.
   > Reply to this email directly, view it on GitHub
   > <https://github.com/apache/logging-log4j2/pull/515#issuecomment-861085384>,
   > or unsubscribe
   > <https://github.com/notifications/unsubscribe-auth/AAJB6N2LCBWZH3NWGBRQ5STTS2O3RANCNFSM46UODITQ>
   > .
   >
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org