Configure whitesource. #4
Conversation
There was a problem hiding this comment.
Recommend configuring this to use Remediate in preference to dependabot.
See https:/opensearch-project/opensearch-ai-flow-framework/pull/1/files
"remediateSettings": {
"workflowRules": {
"enabled": true
}
}
Signed-off-by: dblock <[email protected]>
dblock
force-pushed
the
configure-whitesource
branch
from
b76d006
to
7998652
Compare
|
I copied the contents of that .whitesource. Am I doing it right? |
Yes, I believe so. To be clear, this is a choice of which dependency manager we use. I prefer Remediate to Dependabot so if we merge this PR we should close #5. And vice versa. See https:/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#keep-dependencies-up-to-date for a discussion of the options before we pick one. |
|
Alternately it looks like for python there's another option: https://docs.safetycli.com/safety-2/ |
I'd rather not introduce new tools unless you feel very motivated ;) |
|
If you're happy with Renovate, let's merge this and close #5. |
Description
Not sure what happened in #1, I think it was closed because of a force push to main for the initial commit.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.