parsley72
Reputation: 9087
Providing Dependabot with a list of dependencies
Is there any way of providing dependabot with a list of dependencies to check? Either by injecting the list or providing a custom package manager for it to use?
Upvotes: 0
Views: 206
Answers (1)
parsley72
Reputation: 9087
I found this Github step which allows you to upload an SPDX file to Dependabot: https://github.com/marketplace/actions/spdx-dependency-submission-action
SPDX is an open SBOM format that can be generated by a number of tools.
Upvotes: 0
Related Questions
- How to list npm user-installed packages?
- Trigger Dependabot when have PR to "develop"
- What is the difference between pip and conda?
- How do I update/upgrade pip itself from inside my virtual environment?
- Why use peer dependencies in npm for plugins?
- How to list the contents of a package using YUM?