We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gradle
No response
version: 2 registries: repository: type: maven-repository url: https://repository-url username: ${{ secrets.USERNAME }} password: ${{ secrets.PASSWORD }} updates: - package-ecosystem: "gradle" directory: "/" registries: - repository schedule: interval: "weekly" - package-ecosystem: "github-actions" directory: "/" schedule: interval: "weekly"
I expected that merge commit done by @dependabot merge command would be verified (with signature).
@dependabot merge
Actually it has no signature, which is strange, because dependabot commits with versions upgrade have.
Upgrade commit:
Merge commit (not verified):
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Is there an existing issue for this?
Package ecosystem
gradle
Package manager version
No response
Language version
No response
Manifest location and content before the Dependabot update
No response
dependabot.yml content
Updated dependency
No response
What you expected to see, versus what you actually saw
I expected that merge commit done by
@dependabot merge
command would be verified (with signature).Actually it has no signature, which is strange, because dependabot commits with versions upgrade have.
Upgrade commit:
Merge commit (not verified):
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue
No response
The text was updated successfully, but these errors were encountered: