Skip to content

.dependabot/config.yml and forks #2198

Closed as not planned
Closed as not planned
.dependabot/config.yml and forks#2198
Labels
F: version-updates ⬆️Issues specific to version updatesT: bug 🐞Something isn't working
@LeoColomb

Description

@LeoColomb
LeoColomb
opened on Jan 21, 2019

.dependabot/config.yml is a great feature, thanks!

That said, I faced an unwanted behavior.
Considering two accounts with Dependabot enabled, if an account forks a repo of the other one containing a .dependabot/config.yml file and with outdated dependencies, Dependabot will be auto-activated and will open pull requests on the forked repo.

As a real example, I forked dependabot-core and got four PR in the minute.

Metadata

Metadata

Assignees

No one assigned

    Labels

    F: version-updates ⬆️Issues specific to version updatesT: bug 🐞Something isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions