Skip to content
This repository was archived by the owner on Jun 13, 2024. It is now read-only.

Add dependabot to update github actions and ruby packages #707

Merged
merged 4 commits into from
Jun 2, 2022
Merged

Add dependabot to update github actions and ruby packages #707

merged 4 commits into from
Jun 2, 2022

Conversation

drewroengoogle
Copy link
Contributor

Adds dependabot, which resolved this security issue:
https://github.com/flutter/gallery/security/code-scanning/1

Also pins the version number of firebase-tools. This may not resolve the following vulnerability but regardless it's probably a good idea to avoid unintended results.
https://github.com/flutter/gallery/security/code-scanning/30

Pre-launch Checklist

  • I read the Contributor Guide and followed the process outlined there for submitting PRs.
  • I read the Tree Hygiene wiki page, which explains my responsibilities.
  • I read the Flutter Style Guide recently, and have followed its advice.
  • I signed the CLA.
  • I listed at least one issue that this PR fixes in the description above.
  • I updated/added relevant documentation (doc comments with ///).
  • I added new tests to check the change I am making, or this PR is test-exempt.
  • All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel on Discord.

guidezpl
guidezpl suggested changes Jun 2, 2022
View reviewed changes
Copy link
Member

@guidezpl guidezpl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice

drewroengoogle and others added 2 commits June 2, 2022 09:05
@drewroengoogle @guidezpl
Update .github/dependabot.yml
0aed2e3 
Co-authored-by: Pierre-Louis <6655696+guidezpl@users.noreply.github.com>
@drewroengoogle @guidezpl
Update .github/dependabot.yml
a785915 
Co-authored-by: Pierre-Louis <6655696+guidezpl@users.noreply.github.com>
@drewroengoogle
Copy link
Contributor Author

Thanks for reviewing @guidezpl!

I've updated it to check weekly instead of daily.

@drewroengoogle drewroengoogle requested a review from guidezpl June 2, 2022 15:13
@guidezpl guidezpl merged commit b38f263 into flutter:main Jun 2, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sealesj sealesj Awaiting requested review from sealesj

1 more reviewer

@guidezpl guidezpl guidezpl approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@drewroengoogle @guidezpl