Skip to content

Use the dependabot cooldown config to limit bad package updates#17108

Merged
tschaub merged 1 commit into
openlayers:mainfrom
tschaub:cooldown
Sep 26, 2025
Merged

Use the dependabot cooldown config to limit bad package updates#17108
tschaub merged 1 commit into
openlayers:mainfrom
tschaub:cooldown

Conversation

@tschaub

@tschaub tschaub commented Sep 25, 2025

Copy link
Copy Markdown
Member

Dependabot has a cooldown configuration option that specifies the number of days to wait before installing a newly released package. The intent of this feature is to reduce supply chain attacks. See https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#cooldown- for more detail.

@github-actions

Copy link
Copy Markdown

📦 Preview the website for this branch here: https://deploy-preview-17108--ol-site.netlify.app/.

@tschaub tschaub merged commit 1da06a1 into openlayers:main Sep 26, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants