openapicmd
openapicmd copied to clipboard
Add renovate and bolt for auto-package updates, and CVE's
Fixes #33 Might fix #34
- Add Mend Renovate as a bot (here)
- Setting: pull-request requirement should be enabled (optional)
- Required actions to complete
CI
(optional) - Pin the npm package versions (required, this is how Renovate works best: it will take over specific versions automatically)
- Add Mend Bolt (https://github.com/marketplace/whitesource-bolt) as a bot
- Add Mend for CVE detected (if not wanted, let me know. I can revert this)
- Mend was previously known as Whitesource
What will happen?
- A lot of PRs will open up at first. This is normal for a first start.
- At a daily schedule package-lock PRs will be created to update lock file dependencies 🥳
- A Renovate dashboard issue will appear tracking all open PRs
- CVE's will be made (and closed automatically when resolved on
main
to keep users informed about their status)
In case of questions about Renovate and/or Bolt. Please ask away!