Objective
Automate vulnerability scanning and resolution for dependencies across the codebase by introducing a standard Dependabot configuration.\n\n### Tasks & Requirements\nCreate and commit a configuration file to the root of the repository with the following specifications:\n- Security Updates: Configure security updates to run daily for all relevant dependency ecosystems used in the project (e.g., Poetry (version 2.3.4)
Usage:
command [options] [arguments]
Options:
-h, --help Display help for the given command. When no command is given display help for the list command.
-q, --quiet Do not output any message.
-V, --version Display this application version.
--ansi Force ANSI output.
--no-ansi Disable ANSI output.
-n, --no-interaction Do not ask any interactive question.
--no-plugins Disables plugins.
--no-cache Disables Poetry source caches.
-P, --project=PROJECT Specify another path as the project root. All command-line arguments will be resolved relative to the current working directory.
-C, --directory=DIRECTORY The working directory for the Poetry command (defaults to the current working directory). All command-line arguments will be resolved relative to the given directory.
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug.
Available commands:
about Shows information about Poetry.
add Adds a new dependency to pyproject.toml and installs it.
build Builds a package, as a tarball and a wheel by default.
check Validates the content of the pyproject.toml file and its consistency with the poetry.lock file.
config Manages configuration settings.
help Displays help for a command.
init Creates a basic pyproject.toml file in the current directory.
install Installs the project dependencies.
list Lists commands.
lock Locks the project dependencies.
new Creates a new Python project at .
publish Publishes a package to a remote repository.
remove Removes a package from the project dependencies.
run Runs a command in the appropriate environment.
search Searches for packages on remote repositories.
show Shows information about packages.
sync Update the project's environment according to the lockfile.
update Update the dependencies as according to the pyproject.toml file.
version Shows the version of the project or bumps it when a valid bump rule is provided.
cache
cache clear Clear Poetry's caches.
cache list List Poetry's caches.
debug
debug info Shows debug information.
debug resolve Debugs dependency resolution.
debug tags Shows compatible tags for your project's current active environment.
env
env activate Print the command to activate a virtual environment.
env info Displays information about the current environment.
env list Lists all virtualenvs associated with the current project.
env remove Remove virtual environments associated with the project.
env use Activates or creates a new virtualenv for the current project.
python
python install Install the specified Python version from the Python Standalone Builds project. (experimental feature)
python list Shows Python versions available for this environment. (experimental feature)
python remove Remove the specified Python version if managed by Poetry. (experimental feature)
self
self add Add additional packages to Poetry's runtime environment.
self install Install locked packages (incl. addons) required by this Poetry installation.
self lock Lock the Poetry installation's system requirements.
self remove Remove additional packages from Poetry's runtime environment.
self show Show packages from Poetry's runtime environment.
self show plugins Shows information about the currently installed plugins.
self sync Sync Poetry's own environment according to the locked packages (incl. addons) required by this Poetry installation.
self update Updates Poetry to the latest version.
source
source add Add source configuration for project.
source remove Remove source configured for the project.
source show Show information about sources configured for the project. for Python/Flask, Version 10.33.0
Usage: pnpm [command] [flags]
pnpm [ -h | --help | -v | --version ]
These are common pnpm commands used in various situations, use 'pnpm help -a' to list all commands
Manage your dependencies:
add Installs a package and any packages that it depends
on. By default, any new package is installed as a
prod dependency
i, install Install all dependencies for a project
ln, link Connect the local project to another one
rm, remove Removes packages from node_modules and from the
project's package.json
unlink Unlinks a package. Like yarn unlink but pnpm
re-installs the dependency after removing the
external link
up, update Updates packages to their latest version based on the
specified range
Review your dependencies:
audit Checks for known security issues with the installed
packages
ls, list Print all the versions of packages that are
installed, as well as their dependencies, in a
tree-structure
outdated Check for outdated packages
why Shows all packages that depend on the specified
package
Run your scripts:
create Create a project from a "create-" or "@foo/create-"
starter kit
dlx Fetches a package from the registry without
installing it as a dependency, hot loads it, and runs
whatever default command binary it exposes
exec Executes a shell command in scope of a project
run Runs a defined package script
Other:
c, config Manage the pnpm configuration files
init Create a package.json file
publish Publishes a package to the registry
self-update Updates pnpm to the latest version
Options:
-r, --recursive Run the command for each project in the workspace. for Node/Firebase).\n- Version Updates: Configure routine version updates on a weekly schedule to scan for non-vulnerable updates and keep dependencies current.\n- Default Reviewers: Automatically assign the default reviewer group to the pull requests.
Objective
Automate vulnerability scanning and resolution for dependencies across the codebase by introducing a standard Dependabot configuration.\n\n### Tasks & Requirements\nCreate and commit a configuration file to the root of the repository with the following specifications:\n- Security Updates: Configure security updates to run daily for all relevant dependency ecosystems used in the project (e.g., Poetry (version 2.3.4)
Usage:
command [options] [arguments]
Options:
-h, --help Display help for the given command. When no command is given display help for the list command.
-q, --quiet Do not output any message.
-V, --version Display this application version.
--ansi Force ANSI output.
--no-ansi Disable ANSI output.
-n, --no-interaction Do not ask any interactive question.
--no-plugins Disables plugins.
--no-cache Disables Poetry source caches.
-P, --project=PROJECT Specify another path as the project root. All command-line arguments will be resolved relative to the current working directory.
-C, --directory=DIRECTORY The working directory for the Poetry command (defaults to the current working directory). All command-line arguments will be resolved relative to the given directory.
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug.
Available commands:
about Shows information about Poetry.
add Adds a new dependency to pyproject.toml and installs it.
build Builds a package, as a tarball and a wheel by default.
check Validates the content of the pyproject.toml file and its consistency with the poetry.lock file.
config Manages configuration settings.
help Displays help for a command.
init Creates a basic pyproject.toml file in the current directory.
install Installs the project dependencies.
list Lists commands.
lock Locks the project dependencies.
new Creates a new Python project at .
publish Publishes a package to a remote repository.
remove Removes a package from the project dependencies.
run Runs a command in the appropriate environment.
search Searches for packages on remote repositories.
show Shows information about packages.
sync Update the project's environment according to the lockfile.
update Update the dependencies as according to the pyproject.toml file.
version Shows the version of the project or bumps it when a valid bump rule is provided.
cache
cache clear Clear Poetry's caches.
cache list List Poetry's caches.
debug
debug info Shows debug information.
debug resolve Debugs dependency resolution.
debug tags Shows compatible tags for your project's current active environment.
env
env activate Print the command to activate a virtual environment.
env info Displays information about the current environment.
env list Lists all virtualenvs associated with the current project.
env remove Remove virtual environments associated with the project.
env use Activates or creates a new virtualenv for the current project.
python
python install Install the specified Python version from the Python Standalone Builds project. (experimental feature)
python list Shows Python versions available for this environment. (experimental feature)
python remove Remove the specified Python version if managed by Poetry. (experimental feature)
self
self add Add additional packages to Poetry's runtime environment.
self install Install locked packages (incl. addons) required by this Poetry installation.
self lock Lock the Poetry installation's system requirements.
self remove Remove additional packages from Poetry's runtime environment.
self show Show packages from Poetry's runtime environment.
self show plugins Shows information about the currently installed plugins.
self sync Sync Poetry's own environment according to the locked packages (incl. addons) required by this Poetry installation.
self update Updates Poetry to the latest version.
source
source add Add source configuration for project.
source remove Remove source configured for the project.
source show Show information about sources configured for the project. for Python/Flask, Version 10.33.0
Usage: pnpm [command] [flags]
pnpm [ -h | --help | -v | --version ]
These are common pnpm commands used in various situations, use 'pnpm help -a' to list all commands
Manage your dependencies:
add Installs a package and any packages that it depends
on. By default, any new package is installed as a
prod dependency
i, install Install all dependencies for a project
ln, link Connect the local project to another one
rm, remove Removes packages from node_modules and from the
project's package.json
unlink Unlinks a package. Like yarn unlink but pnpm
re-installs the dependency after removing the
external link
up, update Updates packages to their latest version based on the
specified range
Review your dependencies:
audit Checks for known security issues with the installed
packages
ls, list Print all the versions of packages that are
installed, as well as their dependencies, in a
tree-structure
outdated Check for outdated packages
why Shows all packages that depend on the specified
package
Run your scripts:
create Create a project from a "create-" or "@foo/create-"
starter kit
dlx Fetches a package from the registry without
installing it as a dependency, hot loads it, and runs
whatever default command binary it exposes
exec Executes a shell command in scope of a project
run Runs a defined package script
Other:
c, config Manage the pnpm configuration files
init Create a package.json file
publish Publishes a package to the registry
self-update Updates pnpm to the latest version
Options:
-r, --recursive Run the command for each project in the workspace. for Node/Firebase).\n- Version Updates: Configure routine version updates on a weekly schedule to scan for non-vulnerable updates and keep dependencies current.\n- Default Reviewers: Automatically assign the default reviewer group to the pull requests.