> On Aug 14, 2020, at 7:56 PM, John Patrick <[email protected]> wrote:
>
> Cheers for that Giles,
> I read those emails as PR's raised at say
> https://github.com/apache/commons-lang and dependabot, which I
> understand.
> I'm talking about my fork for commons-lang at
> https://github.com/nhojpatrick/commons-lang.
>
> Dependabot appears to have been authorised against my fork without my
> approval?
>
I’ve indeed seen this as well with my fork. I would guess it a “feature” of
GitHub as sometimes individuals release out of their own forks as opposed to
using the upstream artifacts or contributing back to the upstream artifacts. I
would think this to be good as it encourages a larger more active community
involvement in the project, and thus a healthier project.
If you dislike this feel free to delete your fork while not developing.
Cheers,
-Rob
> If i visit
> https://github.com/nhojpatrick/commons-lang/settings/security_analysis
> dependabot is showing as disabled, but it appears to be
> active.
>
> Hope that help explain I'm talking about my fork
> (https://github.com/nhojpatrick/commons-lang) and my the forked
> (https://github.com/apache/commons-lang) project.
>
> As I say, I totally understanding about getting emails regarding
> dependabot as it's been authorised on the
> https://github.com/apache/commons-lang project.
>
> John
>
>
>> On Fri, 14 Aug 2020 at 23:54, Gilles Sadowski <[email protected]> wrote:
>>
>> Hi.
>>
>>> Le sam. 15 août 2020 à 00:02, John Patrick <[email protected]> a écrit
>>> :
>>>
>>> I've just noticed a load of pull requests that have been auto created
>>> by dependabot, for changes to be merged into my forked version of
>>> master.
>>>
>>> For commons-lang I've 20 PR's, commons-logging 10 PR's, I've not
>>> checked all the other commons forks I've got.
>>>
>>> They are getting automatically closed once I sync the commons fork
>>> into my forked repo.
>>>
>>> Has anyone else seen this issue?
>>
>> Oh, yes:
>> https://markmail.org/message/2vutc4p3b3eqv73f
>> https://markmail.org/message/6apxz6vrc75uq6ge
>>
>> Gilles
>>
>>>
>>> It seems to be a change that happened about 20 days ago, as that is
>>> when the first PR was raised.
>>>
>>> These changes also seem to be triggering cicd github actions, see
>>> https://github.com/nhojpatrick/commons-lang/runs/965399930?check_suite_focus=true.
>>>
>>> John
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [email protected]
>> For additional commands, e-mail: [email protected]
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
