Hi,
I can’t find any way to restrict who’s comments DependaBot listens to in PR - am I missing something or is that not configurable?
It feels a bit wonky if anybody may trigger a merge in a public repo just by commenting?
Hi,
I can’t find any way to restrict who’s comments DependaBot listens to in PR - am I missing something or is that not configurable?
It feels a bit wonky if anybody may trigger a merge in a public repo just by commenting?