Hendrik/xgboost
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Keep GitHub Actions up to date with Dependabot (#10268)

Browse Source 
# Fixes software supply chain safety warnings like at the bottom right of
https://github.com/dmlc/xgboost/actions/runs/9048469681

* [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot)
* [Configuration options for the dependabot.yml file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem)
This commit is contained in:
Christian Clauss 2024-05-13 10:57:13 +02:00 committed by GitHub
parent d81e319e78
commit 75fe2ff0c3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/dependabot.yml vendored
View File

@ -29,3 +29,7 @@ updates:
directory: "/jvm-packages/xgboost4j-spark-gpu" directory: "/jvm-packages/xgboost4j-spark-gpu"
schedule: schedule:
interval: "monthly" interval: "monthly"
- package-ecosystem: "github-actions"
directory: /
schedule:
interval: "monthly"