Yeah, why not.
Two remarks:
- why Docker?
- Automatic updating of the action versions won't work directly as we pinned the actions and their versions in the organization settings. I think this is useful to reduce the risk of getting unwanted actions or code executed in CI.
So even after merging Dependabot's PRs, a Geany admin still has to do allow that action/version in the settings for security reasons.
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <geany/geany/pull/3758/c1937015592@github.com>