no-leaks
no-leaks copied to clipboard
Roave
Upgrade to GitHub-native Dependabot
Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then.
Dependabot has been fully integrated into GitHub, so you no longer have to install and manage a separate app. This pull request migrates your configuration from Dependabot.com to a config file, using the new syntax. When merged, we'll swap out dependabot-preview (me) for a new dependabot app, and you'll be all set!
With this change, you'll now use the Dependabot page in GitHub, rather than the Dependabot dashboard, to monitor your version updates, and you'll configure Dependabot through the new config file rather than a UI.
You have configured automerging on this repository. There is no automerging support in GitHub-native Dependabot, so these settings will not be added to the new config file. Several 3rd-party GitHub Actions and bots can replicate the automerge feature.
If you've got any questions or feedback for us, please let us know by creating an issue in the dependabot/dependabot-core repository.
Learn more about migrating to GitHub-native Dependabot
Please note that regular @dependabot commands do not work on this pull request.
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "Published by a pub.dev verified publisher"){kind=small}
can be closed, see https://github.com/Roave/no-leaks/pull/124#issuecomment-863602234
@mvorisek I think there's a general misunderstanding on why dependencies are locked (as per #124 review) and upgraded regularly by dependabot instead
As a reminder, Dependabot Preview will be shut down on August 3rd, 2021. You can merge this pull request to migrate to GitHub-native Dependabot. You can read the docs to learn more about what's changing, as well as find out how to get support if you need help migrating.