https://github.com/apache/jena/pull/631
The dependency bot created a PR for a dependency update. It is not
automatically applied. (This one is covered by 629.)
If it is a nuisance, we can turn it off.
I have elsewhere (any23) seen it generate PRs for any dependency update
it notices - security related or not - probably an extra feature via
github actions not the security alerts.
That might be useful to have as well.
Andy
On 13/11/2019 10:20, GitBox wrote:
dependabot[bot] commented on issue #631: Bump jackson-databind from 2.9.10 to
2.9.10.1
URL: https://github.com/apache/jena/pull/631#issuecomment-553337052
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
