Dependabot audit
Opened this issue · 0 comments
parkr commented
I use dependabot across my repos to keep things up-to-date. I should look for common files that can map to dependabot configs, then read the dependabot config and check that all of the given ecosystems (e.g. gomod/bundler/github-actions) are included. If something is missing, then ignore.