Add `dependabot.yml` to the list
atombrella opened this issue · 1 comments
atombrella commented
Thank you for this overview. GitHub's vulnerability scanner is not part of the overview. .github/dependabot.yml
will enable PRs from dependabot with updates of vulnerable packages.
joelparkerhenderson commented
Done. Thank you for this!