I noticed this morning that Dependabot opened 3 PRs against pulpproject.org even though we haven't given it access to that repo[0]. It turns out that now Github is using Dependabot to open PRs for known security issues[1]. As these are security vulnerabilities, I'd like to merge these today unless anyone objects.
[0] https://github.com/pulp/pulpproject.org/pulls/app%2Fdependabot [1] https://github.com/features/security#security-update David
_______________________________________________ Pulp-dev mailing list Pulp-dev@redhat.com https://www.redhat.com/mailman/listinfo/pulp-dev