-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3e793c1
commit c55c9ea
Showing
1 changed file
with
10 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -54,11 +54,21 @@ approval is granted, GDI repositories MUST NOT cut a GA release. | |
- MUST lock the versions of all build dependencies (e.g. libraries, binaries, | ||
scripts, docker images) or vendor them; **EXCEPTION:** tools that are | ||
available out-of-the-box on the CI runner | ||
- To help keep dependencies up to date, the repo MUST be configured with | ||
Check failure on line 57 in specification/repository.md GitHub Actions / validate-documentationTrailing spaces
|
||
[Dependabot](https://github.com/dependabot/dependabot-core) or [Renovate](https://github.com/apps/renovate). | ||
|
||
#### Dependabot: | ||
Check failure on line 60 in specification/repository.md GitHub Actions / validate-documentationTrailing punctuation in heading
|
||
|
||
- MUST enable [Dependabot alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) | ||
- MUST grant access to alerts for the approvers and maintainers teams | ||
- MUST enable [Dependabot security updates](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates) | ||
- MUST configure [Dependabot version updates](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates) | ||
|
||
#### Renovate: | ||
Check failure on line 67 in specification/repository.md GitHub Actions / validate-documentationTrailing punctuation in heading
|
||
|
||
- MUST add the repo to the [list of Renovatebot repos](https://github.com/organizations/signalfx/settings/installations/41531652). | ||
- MUST add a [Renovate config file](https://docs.renovatebot.com/configuration-options/) to the repo. | ||
Check failure on line 70 in specification/repository.md GitHub Actions / validate-documentationLine length
|
||
|
||
### GitHub Actions | ||
|
||
- MUST use [GitHub | ||
|