Evgheni Dereveanchin created OVIRT-2870: ------------------------------------------- Summary: disable dependabot PRs for github repos that are gerrit mirrors Key: OVIRT-2870 URL: https://ovirt-jira.atlassian.net/browse/OVIRT-2870 Project: oVirt - virtualization made easy Issue Type: Outage Reporter: Evgheni Dereveanchin Assignee: infra GitHub recently enabled dependabot which automatically sends PRs to bump versions of libraries that received security updates. In our case, a lot of repos are just mirrors of gerrit repos so no PRs need to be sent there. This ticket is to disable dependabot on such repos. Some examples: https://github.com/oVirt/ovirt-engine/pulls https://github.com/oVirt/jenkins/pulls https://github.com/oVirt/ovirt-vdsmfake/pulls To disable these PRs it is enough to go to the security tab of the mirror project and unclick the checkbox in the "Automatic serurity updates" menu -- This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100121)