[PR #1681] [MERGED] Included githubactions in the dependabot config #2514

New issue

Closed

opened 2026-03-16 09:50:24 +03:00 by kerem · 0 comments

kerem commented

2026-03-16 09:50:24 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/hickory-dns/hickory-dns/pull/1681
Author: @naveensrinivasan
Created: 4/8/2022
Status: ✅ Merged
Merged: 4/8/2022
Merged by: @bluejekyll

Base: main ← Head: naveensrinivasan-patch-1

📝 Commits (1)

b6323a8 Included githubactions in the dependabot config

📊 Changes

1 file changed (+6 additions, -0 deletions)

View changed files

📝 .github/dependabot.yml (+6 -0)

📄 Description

Dependabot will help ensure that references to actions in a repository's workflow files are kept up to date. For each action in the file, Dependabot checks the action's reference (typically a version number or commit identifier associated with the action) against the latest version. If a more recent version of the action is available, Dependabot will send you a pull request that updates the reference in the workflow file to the latest version. This keeps the project up to date and avoids the project from missing any security updates that the upstream makes.

This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/hickory-dns/hickory-dns/pull/1681 **Author:** [@naveensrinivasan](https://github.com/naveensrinivasan) **Created:** 4/8/2022 **Status:** ✅ Merged **Merged:** 4/8/2022 **Merged by:** [@bluejekyll](https://github.com/bluejekyll) **Base:** `main` ← **Head:** `naveensrinivasan-patch-1` --- ### 📝 Commits (1) - [`b6323a8`](https://github.com/hickory-dns/hickory-dns/commit/b6323a88d83dc217bf11a11b545d4123c074dbe7) Included githubactions in the dependabot config ### 📊 Changes **1 file changed** (+6 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `.github/dependabot.yml` (+6 -0) </details> ### 📄 Description Dependabot will help ensure that references to actions in a repository's workflow files are kept up to date. For each action in the file, Dependabot checks the action's reference (typically a version number or commit identifier associated with the action) against the latest version. If a more recent version of the action is available, Dependabot will send you a pull request that updates the reference in the workflow file to the latest version. This keeps the project up to date and avoids the project from missing any security updates that the upstream makes. This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>