Tanner Github

[Margarita Lovvorn]

When working on a project that utilizes several open source dependencies it can often feel like a part-time job keeping up-to-date with dependencies updates. This can accumulate over time and cause your composer.json and/or package.json file to quickly become out of date. Which makes for updating the latest and greatest in the future much more difficult. With GitHub actions is very easy to automate this process!

Inside your project you can create a file under the .github folder called dependabot.yml which you can configure to automatically search known package providers for updates, that will generate create pull requests that you can help keep your project updated.

c80f0f1006