Skip to content
Snippets Groups Projects
  • Rhys Arkins's avatar
    ac371e2a
    feat(github): vulnerability alerts (#2321) · ac371e2a
    Rhys Arkins authored
    Adds rules to skip any configured grouping or schedules that prevent insecure packages from being updated immediately.
    
    If GitHub's vulnerability alerts are detected, package rules are added to force empty schedule and grouping for each affected package. Settings are configurable via new `vulnerabilityAlerts` config object, e.g. so that custom PR titles, labels or assignees can be configured.
    
    Closes #1567
    ac371e2a
    History
    feat(github): vulnerability alerts (#2321)
    Rhys Arkins authored
    Adds rules to skip any configured grouping or schedules that prevent insecure packages from being updated immediately.
    
    If GitHub's vulnerability alerts are detected, package rules are added to force empty schedule and grouping for each affected package. Settings are configurable via new `vulnerabilityAlerts` config object, e.g. so that custom PR titles, labels or assignees can be configured.
    
    Closes #1567