build workflow: unignore dependabot

paul-gilber · Oct 28, 2023 · 21094e6 · 21094e6
1 parent b6f039a
commit 21094e6
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 2 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -7,7 +7,7 @@ on:
   push:
     # Secrets aren't available for dependabot on push. https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow#error-403-resource-not-accessible-by-integration-when-using-dependabot
     branches-ignore:
-      - 'dependabot/**'
+      # - 'dependabot/**'
       - 'cherry-pick-*'
     paths-ignore:
       - '**.md'    # Ignore documentation changes

diff --git a/.github/workflows/code-scan-codeql.yml b/.github/workflows/code-scan-codeql.yml
@@ -1,5 +1,6 @@
 ---
-name: CodeQL Scan
+# See CodeQL results at https://github.com/paul-gilber/demoapp-backend/security/code-scanning/tools/CodeQL/status/
+name: Scan Code with CodeQL
 
 # Events: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows
 on:

diff --git a/docs/repository-configuration/README.md b/docs/repository-configuration/README.md
@@ -2,6 +2,11 @@
 
 This section guides you on how this repository was setup
 
+## Managing the automatic deletion of branches
+You can have head branches automatically deleted after pull requests are merged in your repository.
+
+See steps on [Managing the automatic deletion of branches](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches)
+
 ## Code Analysis/Scanning
 ### Configuring repository for GitHub CodeQL
 [CodeQL](https://codeql.github.com/docs/codeql-overview/about-codeql/) is the analysis engine used by developers to automate security checks, and by security researchers to perform variant analysis.