Yeah, why not.

Two remarks:

• why Docker?
• Automatic updating of the action versions won't work directly as we pinned the actions and their versions in the organization settings. I think this is useful to reduce the risk of getting unwanted actions or code executed in CI.
  So even after merging Dependabot's PRs, a Geany admin still has to do allow that action/version in the settings for security reasons.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <geany/geany/pull/3758/c1937015592@github.com>