Yicong-Huang commented on PR #3456: URL: https://github.com/apache/texera/pull/3456#issuecomment-3354166583
> > We will bump torch in PR #3794 > > Thanks. Dependabot is configured just to issue PRs for security issues. It can be enabled to create PRs for all new dependency releases. This latter option is noisy and unnecessary but to reiterate, the Dependabot PRs that we get today are for security issues. I previously configured dependabot to report only critical ones. We can rely on it to satisfy ASF norm. I hope that's enough and we don't need to get PRs for all new releases, as you mentioned, it will be noisy and unnecessary. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
