[APPSEC-480] Add dependabot configuration file to .github directory #16
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What is this PR about?
• For general version updates of 3rd-party libraries irrespective of security vulnerabilities
• Base configuration for dependabot version update
Why are we doing this?
• To give you the option of automating general version updates of 3rd-party libraries through Dependabot, by approving this PR. However, you can choose to ignore this if you don't want this automation.
How does it help you?
• Reduces your effort and time for version updates by eliminating the need to manually configure this
Note: You can modify the base configuration to suit your needs, please see the documentation and samples
Please reach out to APS squad at #security OR #security-ghas-help OR @security-aps on Slack for any question