I noticed this morning that Dependabot opened 3 PRs against pulpproject.org
even though we haven't given it access to that repo[0]. It turns out that
now Github is using Dependabot to open PRs for known security issues[1]. As
these are security vulnerabilities, I'd like to merge these today unless
anyone objects.

[0] https://github.com/pulp/pulpproject.org/pulls/app%2Fdependabot
[1] https://github.com/features/security#security-update

David
_______________________________________________
Pulp-dev mailing list
Pulp-dev@redhat.com
https://www.redhat.com/mailman/listinfo/pulp-dev

Reply via email to