Jean-Noël mentioning security scanners in our recent discussion make me think:
It would be nice to have depedabot enabled in the github repo settings (Security & analysis). If both alerts and security updates are enabled, it automatically creates pull requests for the relevant changes. Cheers -Fritz
OpenPGP_0x6E8338980332A6B0.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature