Why (how) does Dependabot add "random" individuals and groups as reviewers #129619
Unanswered
vorburger
asked this question in
Code Security
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Select Topic Area
Question
Body
In google/android-fhir#2582, the Dependabot bot account,
initially added https://github.com/google/android-fhir/blob/master/CODEOWNERS,
and then just also added another user and a group which is not listed in
CODEOWNERS
as Reviewer,neither of which are listed in https://github.com/google/android-fhir/blob/master/.github/dependabot.yaml
Why does it do that - and how do you disable it from doing that?
Tracked as google/android-fhir#2585.
google/android-fhir#2586 is related.
Beta Was this translation helpful? Give feedback.
All reactions