Tormi Tabor

Saimons Jēgers: > Actually in Artis copied text both use cases say that it’s used for case-insensitive scenarios which doesn’t look right. > It’s a typo on that blog/site. [Link...

This should be the correct one: ``` locationExtraConfig: | # Add 404 status for autodiscover.xml requests and omit log entries. location ~* /autodiscover/autodiscover.xml { return 404; access_log off; log_not_found off;...

> Also this scans all the files, Code Quality scans only the committed files. Added `lint-staged` setup to overcome this. However, since we're using `lando npm run pre-commit` within Husky,...

I've removed non-functional `lando codecept` tool for now here: https://github.com/wunderio/drupal-project/pull/71/commits/9bf67d505ce79aa359bce7a9210b6ddd7e17447d

Readme: - `lando codecept ` - run [codeception](https://codeception.com/) tests. Tool definition: ``` codecept: description: Runs codeception tests cmd: - appserver: ./vendor/bin/codecept ```

Our internal guide which needs to be implemented here: https://intra.wunder.io/info/documentation-and-best-practices/drupal-project-testing-setup

Let's investigate if we can exclude files from Dependabot first. Configuration options for dependency updates, https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates

There's a Dependabot FR filed to only target package.json file https://github.com/dependabot/dependabot-core/issues/3184

So basically we need similar strategy for manifest file as is available for lockfile (`versioning-strategy: lockfile-only`). See https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#versioning-strategy

About Codespaces: https://github.com/codespaces