Skip to content

.github/workflows: add dependabump#1979

Draft
jmank88 wants to merge 1 commit intomainfrom
dependabump
Draft

.github/workflows: add dependabump#1979
jmank88 wants to merge 1 commit intomainfrom
dependabump

Conversation

@jmank88
Copy link
Copy Markdown
Contributor

@jmank88 jmank88 commented Apr 13, 2026
edited
Loading

https://smartcontract-it.atlassian.net/browse/CRE-1849
This PR adds a workflow to execute make dependabot on a schedule and open a PR if there are changes.

github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 13, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Fixed
@jmank88 jmank88 force-pushed the dependabump branch 7 times, most recently from 94768ea to 571d54a Compare April 14, 2026 15:22
chainchad
chainchad reviewed Apr 14, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Outdated
chainchad
chainchad reviewed Apr 14, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml
chainchad
chainchad reviewed Apr 14, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Outdated
chainchad
chainchad reviewed Apr 14, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Outdated
chainchad
chainchad reviewed Apr 14, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Outdated
chainchad
chainchad reviewed Apr 14, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Outdated
@jmank88 jmank88 force-pushed the dependabump branch 5 times, most recently from 488193d to f9b2bff Compare April 14, 2026 23:17
github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 21, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml Fixed
chainchad
chainchad reviewed Apr 22, 2026
View reviewed changes
Comment thread .github/workflows/dependabump.yml
Comment on lines +52 to +56
branch: bot/dependabump
commit-message: "bump dependencies"
title: "dependabump"
body: "Bumping deps due to critical or high vulnerabilities."
continue-on-error: true
Copy link
Copy Markdown
Contributor

@chainchad chainchad Apr 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
branch: bot/dependabump
commit-message: "bump dependencies"
title: "dependabump"
body: "Bumping deps due to critical or high vulnerabilities."
continue-on-error: true
branch: bot/dependabump
commit-message: "bump dependencies"
title: "dependabump"
body: "Bumping deps due to critical or high vulnerabilities."
sign-commits: true
continue-on-error: true

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chainchad chainchad chainchad left review comments

@pavel-raykov pavel-raykov Awaiting requested review from pavel-raykov

@bryan-maxwell bryan-maxwell Awaiting requested review from bryan-maxwell

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jmank88 @github-advanced-security @chainchad