-
Rhys Arkins authored
Adds rules to skip any configured grouping or schedules that prevent insecure packages from being updated immediately. If GitHub's vulnerability alerts are detected, package rules are added to force empty schedule and grouping for each affected package. Settings are configurable via new `vulnerabilityAlerts` config object, e.g. so that custom PR titles, labels or assignees can be configured. Closes #1567
Rhys Arkins authoredAdds rules to skip any configured grouping or schedules that prevent insecure packages from being updated immediately. If GitHub's vulnerability alerts are detected, package rules are added to force empty schedule and grouping for each affected package. Settings are configurable via new `vulnerabilityAlerts` config object, e.g. so that custom PR titles, labels or assignees can be configured. Closes #1567