Fix scorecard alerts in dart-lang / test #32

Closed
godofredoc opened this issue Oct 5, 2022 · 8 comments
Comments

@godofredoc

  • Fix the following alerts:
    • Dependency update tool
  • Add scorecards badge
@devoncarew
Member

cc @natebosch (the detailed issues can be seen here: https://github.com/dart-lang/test/security/code-scanning).

@natebosch
Member

@kevmoo - what is our current best practice for dependabot and mono_repo?

@kevmoo
Member

kevmoo commented Oct 17, 2022

I try to roll mono_repo ~monthly. I did it a bit earlier because of a node deprecation.

What more do we think we need?

@natebosch
Member

@devoncarew @godofredoc - should we stop flagging a missing dependabot config in repos that are using mono_repo?

@godofredoc
Author

@natebosch can you please provide more context about the question?

@natebosch
Member

This alert indicates that we should be adding dependabot config to the test repo - however adding it would conflict with the updates done by mono_repo. So I think it's better to not raise this repo as an issue.

@godofredoc
Author

I see, in that case I'd recommend ignoring the alert. Let me send a PR to add the scorecards badge.

@godofredoc
Author

dart-lang/test#1774 is ready; unfortunately, I have no write access to assign reviewers.

natebosch pushed a commit to dart-lang/test that referenced this issue Oct 17, 2022