Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: enable Dependabot to update deps and update base image tag #404

Merged
merged 2 commits into from
Aug 16, 2022

Conversation

Bert-R
Copy link
Collaborator

@Bert-R Bert-R commented Aug 10, 2022

Dependabot will now create pull requests when new Docker images, dependencies or GitHub actions become available. By fixing the base image tag, we always exactly know what base image we are using and Dependabot will propose updates.

This will reduce the probability of accumulating known vulnerabilities, like suggested in #403

Bert Roos added 2 commits August 10, 2022 15:19
Dependabot will now create pull requests when new Docker images, dependencies or GitHub actions become available. By fixing the base image tag, we always exactly know what base image we are using and Dependabot will propose updates.
Dependabot will now create pull requests when new Docker images, dependencies or GitHub actions become available. By fixing the base image tag, we always exactly know what base image we are using and Dependabot will propose updates.
@Bert-R Bert-R mentioned this pull request Aug 11, 2022
@davideicardi davideicardi changed the title Enable Dependabot and fix base image tag feat: enable Dependabot to update deps and update base image tag Aug 16, 2022
Copy link
Collaborator

@davideicardi davideicardi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Thank you!

@davideicardi davideicardi merged commit dc9395e into obsidiandynamics:master Aug 16, 2022
@Bert-R
Copy link
Collaborator Author

Bert-R commented Aug 16, 2022

@davideicardi It initially gives a barrage of PRs, as you face now. But it'll become manageable after the first wave.

nerajchand pushed a commit to fairfaxmedia/charts that referenced this pull request May 3, 2024
This change will bump the version of the kafdrop image.

It includes numerous Dependency updates as well as bugfixes, and
security patching.

Also includes some shiny new features such as:

- Added Message Search functionality
[#288](obsidiandynamics/kafdrop#288)
- Enabled dependabot to update deps and base image tag
[#404](obsidiandynamics/kafdrop#404)

**Breaking Changes**:

- Update to JDK 17 and SpringBoot 3 in upstream
[#482](obsidiandynamics/kafdrop#482)

For the complete list of changes see:

[Releases](https://github.com/obsidiandynamics/kafdrop/releases)

[Comparing
Changes](obsidiandynamics/kafdrop@3.30.0...4.0.1)
nerajchand pushed a commit to fairfaxmedia/charts that referenced this pull request Jul 10, 2024
This change will bump the version of the kafdrop image.

It includes numerous Dependency updates as well as bugfixes, and
security patching.

Also includes some shiny new features such as:

- Added Message Search functionality
[#288](obsidiandynamics/kafdrop#288)
- Enabled dependabot to update deps and base image tag
[#404](obsidiandynamics/kafdrop#404)

**Breaking Changes**:

- Update to JDK 17 and SpringBoot 3 in upstream
[#482](obsidiandynamics/kafdrop#482)

For the complete list of changes see:

[Releases](https://github.com/obsidiandynamics/kafdrop/releases)

[Comparing
Changes](obsidiandynamics/kafdrop@3.30.0...4.0.1)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants