Thanks to visit codestin.com Credit goes to github.com
We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 5c5e82b commit 70a565fCopy full SHA for 70a565f
1 file changed
.github/dependabot.yml
@@ -8,6 +8,11 @@ updates:
8
assignees:
9
- "ezio-melotti"
10
open-pull-requests-limit: 10
11
+ cooldown:
12
+ # https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
13
+ # Cooldowns protect against supply chain attacks by avoiding the
14
+ # highest-risk window immediately after new releases.
15
+ default-days: 14
16
17
# Maintain dependencies for Python
18
- package-ecosystem: pip
@@ -17,3 +22,5 @@ updates:
22
23
19
24
25
26
0 commit comments