sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity
Files
92ed9d50e9e2ae5437b24ea9f0fa446b9ed72b96
pulumi-docker-build/.github
History
Bryce Lampe 92ed9d50e9 Re-enable grouping for dependabot security updates (#112) 
We have grouped security updates enabled by default at the org level,
however when a repo defines its own `dependabot.yml` it will override
the org's defaults. We don't currently define any grouping for security
updates, hence why we have so many outstanding dependabot PRs.

This adds 3 new groups:
* A security group, to re-enable grouped security updates.
* A docker group, to bump core Docker dependencies like buildx,
buildkit, etc.
* An "other" group as a catch-all for everything else. AFAICT there's no
way to have Dependabot _only_ bump versions for Pulumi & Docker
dependencies, so just dump everything else in here.

The existing pulumi group stopped receiving updates for some reason but
[seems to be
working](https://github.com/pulumi/pulumi-docker-build/pull/111) again
after I re-opened one of the closed PRs.
2024-06-18 12:43:28 -07:00
..
workflows
Fix Go SDK publishing (#106)
2024-06-14 14:55:18 +01:00
dependabot.yml
Re-enable grouping for dependabot security updates (#112)
2024-06-18 12:43:28 -07:00