Posts Tagged ‘dependency management’

GitHub is at the heart of how I do work, and Dependabot is one of the core tools. Even before we started using OpenSSF Scorecards, which pushed us to pin dependencies, Dependabot was something we used a lot to ensure that things were up to date. But, Dependabot isn’t perfect, and looking at the discussion […]