<div dir="ltr">I noticed this morning that Dependabot opened 3 PRs against <a href="http://pulpproject.org">pulpproject.org</a> even though we haven't given it access to that repo[0]. It turns out that now Github is using Dependabot to open PRs for known security issues[1]. As these are security vulnerabilities, I'd like to merge these today unless anyone objects.<div><br></div><div>[0] <a href="https://github.com/pulp/pulpproject.org/pulls/app%2Fdependabot">https://github.com/pulp/pulpproject.org/pulls/app%2Fdependabot</a><br></div><div><div>[1] <a href="https://github.com/features/security#security-update">https://github.com/features/security#security-update</a></div></div><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><br></div><div>David<br></div></div></div></div></div></div></div></div></div></div>