Comments (8)
There had been a renovate PR for a while for Probot, but it broke owners, so I finally got to the bottom of that and fixed it. Jest, I don't recall seeing a renovate PR, and there was nothing pending. According to npm outdated
, test-status
was fine; it was just that set-value
was a transitive dependency of a few direct dependencies that hadn't yet upgraded themselves.
from amp-github-apps.
/cc @danielrozenberg @erwinmombay @estherkim
from amp-github-apps.
renovate-bot is already on for this repo, and all renovate-bot PRs that I haven't approved are assigned to @estherkim, @erwinmombay, and @rcebulko
from amp-github-apps.
The purpose of this issue is to track the fixing of security vulnerabilities. I've edited the description. Reopening until the alerts are gone.
from amp-github-apps.
Is there a way for us to see open vulnerabilities, or only repo admins/owners?
from amp-github-apps.
@rcebulko You should have access once you become a part of @ampproject/wg-infra. Let's chat offline about how we can make that happen.
Edit: You've been invited.
from amp-github-apps.
/cc @rsimha
from amp-github-apps.
Curious: For all the packages that you manually upgraded, were there renovate PRs that we couldn't merge for some reason or the other?
from amp-github-apps.
Related Issues (20)
- Migrate TypeScript ESLint rules to use new "naming-convention" rule
- Update PR deploy internals to work on CircleCI HOT 1
- Update test status reporting internals to work on CircleCI
- Update bundle-size internals to work on CircleCI
- Update test case reporting internals to work on CircleCI
- Update project metrics internals to work on CircleCI
- Add dist.3p/current-min/vendor/*.js to bundle size check
- Rename the default branch of this repo to `main` HOT 1
- [owners] Add a mechanism to recognize specific bot accounts as legitimate reviewers HOT 4
- Owners Bot: Comments during Draft PRs leads to noise HOT 1
- Dependency Dashboard
- [release calendar] Clicking on any white box next to a release channel makes all calendar info disappear HOT 1
- [release calendar] Pop-up with additional releases sometimes gets cut off
- [release calendar] Pop-up with release info sometimes appears outside the viewport
- [release calendar] Make release calendar accessible from amp.dev
- Add a link in release tool
- [release calendar] Write unit tests
- FR: Approval should not clobber sizes
- Action Required: Fix Renovate Configuration
- This is amezing.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amp-github-apps.