Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all github actions pipelines to latest versions and introduce dependabot #1541

Open
butler54 opened this issue May 13, 2024 · 0 comments
Open

Update all github actions pipelines to latest versions and introduce dependabot #1541

butler54 opened this issue May 13, 2024 · 0 comments
Assignees
@AleJo2995
Labels
enhancement New feature or request
Milestone
v3.1.0

Comments

@butler54
Copy link
Collaborator

Issue description / feature objectives

Github actions has been iterating rapidly. CICD tools are high risk from a security perspective. Move to the latest versions of all actions steps if possible and introduce dependabot to ensure versions are updated.

Historically dependabot provided minimal value as it did not index setup.cfg files. This appears to be closed.

Caveats / Assumptions

No breaking changes have been introduced that have adverse affects outside of the github actions pipelines themselves (e.g. on the managed code)>

Completion Criteria
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AleJo2995 AleJo2995

Labels
enhancement New feature or request
Projects
None yet
Milestone
v3.1.0
Development

No branches or pull requests
3 participants
@AleJo2995 @butler54 @jpower432