dependabot-helper
An application that helps manage Dependabot updates across multiple repositories.
APACHE-2.0 License
Dependabot Helper
Introduction
Dependabot Helper is an ASP.NET Core application that helps manage Dependabot updates across GitHub multiple repositories.
Dependabot Helper integrates with the GitHub API via OAuth to interact with selected repositories acting as your user account to manage pull requests generated by bots, such as the dependabot bot and the github-actions bot.
For more information, please refer to the documentation.
Debugging
[!WARNING] Do not commit GitHub OAuth secrets to source control. Configure them with User Secrets instead.
To debug the application locally outside of the integration tests, you will need
to create a GitHub OAuth app to obtain secrets for the GitHub:ClientId and
GitHub:ClientSecret options so that the OAuth user authentication works and
you can log into the Dependabot Helper UI. GitHub Enterprise Server is also supported.
[!TIP] When creating the GitHub OAuth app, use
https://localhost:5001/sign-in-githubas the Authorization callback URL.
Building and Testing
Compiling the application yourself requires Git and the .NET SDK to be installed.
To build and test the application locally from a terminal/command-line, run the following set of commands:
git clone https://github.com/martincostello/dependabot-helper.git
cd dependabot-helper
# Restore Aspire workload on first usage (requires elevation on Windows if not installed)
dotnet workload restore
# Build and test the application
./build.ps1
Feedback
Any feedback or issues can be added to the issues for this project in GitHub.
Repository
The repository is hosted in GitHub: https://github.com/martincostello/dependabot-helper.git
License
This project is licensed under the Apache 2.0 license.
