nuke/.github
Xe Iaso b11d8132dd
chore: add dependabot cooldown (#1302)
* chore: add dependabot cooldown

One of the things I need to worry about with Anubis is the idea that
someone could pwn a dependency and then get malicious code into prod
without realizing it, à la Jia Tan. Given that Anubis relies on tools like
Dependabot to manage updating dependencies (good for other reasons),
it makes sense to have Dependabot have a 7 day cooldown for new
versions of dependencies.

This follows the advice from Yossarian on their blog at [1]. Thanks
for the post and easy to copy/paste snippets!

[1]: https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: update spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-11-21 19:05:26 +00:00
actions/spelling chore: add dependabot cooldown (#1302) 2025-11-21 19:05:26 +00:00
ISSUE_TEMPLATE convert issue templates into issue forms (#1115) 2025-09-16 13:14:10 +00:00
workflows feat: writing logs to the filesystem with rotation support (#1299) 2025-11-21 11:46:00 -05:00
dependabot.yml chore: add dependabot cooldown (#1302) 2025-11-21 19:05:26 +00:00
FUNDING.yml chore: add libreapay 2025-08-16 03:01:59 +00:00
PULL_REQUEST_TEMPLATE.md docs: add reminder for verified signatures in PR template (#1092) 2025-09-07 16:15:26 -04:00
zizmor.yml zizmor: add config file to silence unpinned-uses of Homebrew/actions (#441) 2025-05-05 01:22:36 +00:00