the_od_bods icon indicating copy to clipboard operation
the_od_bods copied to clipboard
verified publisher icon OpenDataScotland

Setup dependabot for the_od_bods repo

Open KarenJewell opened this issue 3 years ago • 1 comments

Is your feature request related to a problem? Please describe. Extracted from issue #155 suggested by @kymckay to improve environment package dependencies: dependabot can be setup to check for version updates on an interval and submit pull requests for review to automatically manage the requirements.txt file.

Describe the solution you'd like Dependabot alerts tell you that your code depends on a package that is insecure. Will have to be a repo maintainer who sets this up.

Describe alternatives you've considered None.

Additional context Believe this may already be setup in JKAN repo.

KarenJewell avatar Oct 23 '22 18:10 KarenJewell

Dependabot already set up for JKAN although I've not actioned any alerts as of late. I've been reluctant to touch them due to the mountain of package updates that would need to be done that are likely to cause breaking changes. Maybe one to do once I've set up some better testing for opendata.scot.

JackGilmore avatar Oct 23 '22 20:10 JackGilmore