FYI Infra enabled dependabot alerts (just for security fixes, and not the PRs) for Kerby, LDAP API + Directory Server. The alerts go to the commiters of the project. That way we can at least be informed if a dependency has a newly issued CVE.
Colm. On Mon, May 31, 2021 at 1:09 PM Colm O hEigeartaigh <[email protected]> wrote: > > Hi, > > I just disabled dependabot, it is probably overkill for a project like > Kerby anyway. Ideally I would have access to the "settings" part of > the GitHub Dashboard for the project, where I could then configure > alerts + PRs for security updates only, but I don't have access to it. > I'll investigate to see if there is a way Infra can configure it for > me. > > Colm. > > On Mon, May 31, 2021 at 10:32 AM Emmanuel Lécharny <[email protected]> > wrote: > > > > Hi > > > > is it possibkle to desactivate the dependabot mails? It's a bit annoying... > > > > -- > > *Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE > > T. +33 (0)4 89 97 36 50 > > P. +33 (0)6 08 33 32 61 > > [email protected] https://www.busit.com/ > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
