[
https://issues.apache.org/jira/browse/HDDS-9569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17837821#comment-17837821
]
Ethan Rose commented on HDDS-9569:
----------------------------------
Dependabot alerts for security updates are enabled automatically for ASF repos.
General version updates are disabled by default which is the desired behavior.
See docs for .asf.yaml:
*
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=127405038#Git.asf.yamlfeatures-DependabotAlertsandUpdates
*
https://github.com/apache/infrastructure-asfyaml?tab=readme-ov-file#dependabot-alerts-and-updates
Therefore this will work without intervention from us once the new website is
merged to master branch.
> Enable dependabot for docusaurus javascript dependencies
> --------------------------------------------------------
>
> Key: HDDS-9569
> URL: https://issues.apache.org/jira/browse/HDDS-9569
> Project: Apache Ozone
> Issue Type: Sub-task
> Components: CI, website
> Reporter: Ethan Rose
> Priority: Minor
> Labels: newbie
>
> Docusaurus requires numerous javascript dependencies. We can pin all package
> versions for stability, then use Github's dependabot to help us keep the
> packages up to date and avoid vulnerabilities.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
