Max Kotliar 71af1ee5f1 .github: Set 21-day cooldown to dependabot updates (#10740) ...

Recent supply chain attacks on GitHub Actions and npm packages show the
risk of pulling dependency updates too quickly:
-
https://socket.dev/blog/trivy-under-attack-again-github-actions-compromise
-
https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

2026-04-03 15:51:07 +03:00

..

ISSUE_TEMPLATE

issues/question-template: fix typos (#947)

2025-12-24 11:37:34 +01:00

scripts

.github: Add changelog tip linter

2025-11-25 13:41:48 +02:00

workflows

build(deps): bump codecov/codecov-action from 5 to 6 (#10709)

2026-03-27 07:43:28 +02:00

dependabot.yml

.github: Set 21-day cooldown to dependabot updates (#10740)

2026-04-03 15:51:07 +03:00

pull_request_template.md

.github/pull_request_template.md: add a link to https://docs.victoriametrics.com/victoriametrics/goals/

2025-07-06 20:08:28 +02:00