Uploaded image for project: 'Node.js Driver'
  1. Node.js Driver
  2. NODE-2898

Add tooling bot for automatic dependency and lockfile update

XMLWordPrintableJSON

      Libraries don't distribute lock files, so it would make sense for us to ingest the latest dependency permitted by our semver range whenever possible, there's bots / github actions that can enforce a package-lock update before merging if one exists. Dependabot can also automagically open PRs for CVE updates.

      danger.systems/js

            Assignee:
            Unassigned Unassigned
            Reporter:
            neal.beeken@mongodb.com Neal Beeken
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: