We should use 'dependabot' for our solution!



The most important is that now GitHub is their owner (Microsoft actually) and it’s free

it sure sends a lot of spam

Actually we are working on it, but currently not sure if we will use dependabot, maybe other bot will work better.

That’s because most of our dependencies is outdated

DevOps team released this functionality for platform and storefront repositories. You can easily check it in pull requests and filter them by label “dependencies”.

1 Like