Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Many security issues are being reported against test/development requirements files #3873

Open
ocelotl opened this issue Apr 23, 2024 · 3 comments · May be fixed by #3874
Open

Many security issues are being reported against test/development requirements files #3873

ocelotl opened this issue Apr 23, 2024 · 3 comments · May be fixed by #3874
Assignees
@ocelotl
Labels
build & infra Issues related to build & infrastructure.

Comments

@ocelotl
Copy link
Contributor

ocelotl commented Apr 23, 2024

After fixing our dependency versions we now get lots of security warnings, fix that.
@ocelotl ocelotl added the build & infra Issues related to build & infrastructure. label Apr 23, 2024
@ocelotl ocelotl self-assigned this Apr 23, 2024
ocelotl added a commit to ocelotl/opentelemetry-python that referenced this issue Apr 23, 2024
@ocelotl
Rename development requirement files
1809331 
Fixes open-telemetry#3873
@ocelotl ocelotl linked a pull request Apr 23, 2024 that will close this issue
Open
@xrmx
Copy link
Contributor

xrmx commented Apr 24, 2024

Do you know if adding a new entry for each subproject root directory in dependabot.yml will work?

@tammy-baylis-swi
Copy link
Contributor

Is there also a way to group by dependency-type? Or are all .txt files treated the same by dependabot?

@xrmx
Copy link
Contributor

xrmx commented Apr 25, 2024

Is there also a way to group by dependency-type? Or are all .txt files treated the same by dependabot?

According to this comment dependency-type can't be used https://stackoverflow.com/a/76133576

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ocelotl ocelotl

Labels
build & infra Issues related to build & infrastructure.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Rename development requirement files ocelotl/opentelemetry-python
3 participants
@xrmx @ocelotl @tammy-baylis-swi