People
 :bowtie: |
😄 :smile: |
😆 :laughing: |
|---|---|---|
😊 :blush: |
😃 :smiley: |
:relaxed: |
😏 :smirk: |
😍 :heart_eyes: |
😘 :kissing_heart: |
😚 :kissing_closed_eyes: |
😳 :flushed: |
😌 :relieved: |
😆 :satisfied: |
😁 :grin: |
😉 :wink: |
😜 :stuck_out_tongue_winking_eye: |
😝 :stuck_out_tongue_closed_eyes: |
😀 :grinning: |
😗 :kissing: |
😙 :kissing_smiling_eyes: |
😛 :stuck_out_tongue: |
The best way I've found to automatically merge Dependabot PRs is to use
actions/github-script to comment
@dependabot merge on Dependabot PRs. There are a few reasons why I think this
approach makes sense:
Commenting @dependabot merge on a Dependabot PR instructs Dependabot to
merge the PR after tests (if any) pass, so we don't need to encode that
dependency in a workflow file.
Unlike using an auto-merge action, nothing happens if the workflow runs on a
| from operator import truediv | |
| import yaml, requests, json | |
| from pathlib import Path | |
| from argparse import ArgumentParser | |
| import re | |
| cisaUrl = 'https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json' | |
| knownBadCVEs = [] | |
| parser = ArgumentParser() |
| FROM debian:latest | |
| RUN apt-get update && apt-get install -y \ | |
| git \ | |
| build-essential \ | |
| wget \ | |
| python3 | |
| WORKDIR /build |