If you manage your node.js dependencies with the pnpm package manager, you can now use Dependabot to keep those dependencies updated with automatic pull requests. You can easily configure this feature by adding or updating your dependabot.yml file in your repository. At this time, Dependabot will not open security alerts against pnpm dependencies.
Enterprise administrators can now disable repository level self-hosted runners across organizations and enterprise user namespaces.
Once this new setting has been enabled users will no longer be able to register new self-hosted runners in a repository and existing runners will not be able to receive new jobs.
Learn more about Disabling or limiting GitHub Actions for your organization
