You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Github actions has been iterating rapidly. CICD tools are high risk from a security perspective. Move to the latest versions of all actions steps if possible and introduce dependabot to ensure versions are updated.
Historically dependabot provided minimal value as it did not index setup.cfg files. This appears to be closed.
Caveats / Assumptions
No breaking changes have been introduced that have adverse affects outside of the github actions pipelines themselves (e.g. on the managed code)>
Completion Criteria
The text was updated successfully, but these errors were encountered:
Issue description / feature objectives
Github actions has been iterating rapidly. CICD tools are high risk from a security perspective. Move to the latest versions of all actions steps if possible and introduce dependabot to ensure versions are updated.
Historically dependabot provided minimal value as it did not index setup.cfg files. This appears to be closed.
Caveats / Assumptions
No breaking changes have been introduced that have adverse affects outside of the github actions pipelines themselves (e.g. on the managed code)>
Completion Criteria
The text was updated successfully, but these errors were encountered: