---------- Forwarded message --------- From: Chris Lambertus <c...@apache.org> Date: Tue, Apr 5, 2022 at 12:38 PM Subject: [NOTICE] Dependabot Updates enabled for all projects To: <annou...@infra.apache.org>
Hi folks, Infra is pleased to announce that GitHub’s Dependabot service has been approved for use by ASF Legal and Infra, and is now enabled for all repos. Dependabot will create PRs in your repo with recommended security updates for your project. It is entirely up to the project to accept or reject these PRs. Dependabot Alerts can also be configured per-project, but currently the notifications go to Org Admins only. If your project wishes to receive Dependabot Alerts via email, please open an Infra Jira ticket so that we can add your committer team to the alerts. -Chris ASF Infra