Modern, modular, extensible button system designed for both rapid prototyping and production-ready applications

By Frameable Inc
Last update: Dec 24, 2022
Comments: 12

knopf.css

Modern, modular, extensible button system designed for both rapid prototyping and production-ready applications.

Made by Frameable, the team behind Social hour and Subtask.

Installation

Just download and include the minified stylesheet on your website.

<link rel="stylesheet" href="/knopf.min.css">

You could also link to a CDN hosted file.

<link rel="stylesheet" href="https://unpkg.com/knopf.css/knopf.min.css">

Otherwise, you can use your favorite package manager to install it as a dependency.

Install with npm

npm install knopf.css

Install with yarn

yarn add knopf.css

And then import it wherever you are importing your styles.

import 'knopf.css'

Usage

By including knopf you get a bunch of goodies out of the box; however, you should probably customize the styles to meet your design needs, and there are multiple ways of doing just that.

Override default values

All of the base values can be changed by overriding the custom properties at root:

:root {
  --knopf-hue: 164;
  --knopf-saturation: 88%;
  --knopf-luminosity: 28%;
}

<button class="knopf">
  Button
</button>

Extend via modifier

You can also create your own class that sets new values for a particular instance:

.negative {
  --knopf-hue: 356;
  --knopf-saturation: 57%;
  --knopf-luminosity: 51%;
}

<button class="knopf negative">
  Button
</button>

Leverage the cascade

As with any CSS library, you can override the base class to make it your own. This aproach still lets you take advantage of the existing properties, variables and modifiers.

.knopf.knopf {
  --knopf-raised-height: 6px;
  border-block-end-color: hsl(var(--knopf-hover-background-color));
  border-block-end-width: var(--knopf-raised-height);
  margin-block-start: calc(var(--knopf-raised-height) * -1);
}

.knopf.knopf:hover {
  --knopf-raised-height: 2px;
  border-block-end-color: hsl(var(--knopf-active-background-color));
}

<button class="knopf large wide pill">
  Button
</button>

The same logic is applicable to all of the built-in modifiers, try out the playground to check them out.

I would also suggest taking a look at the source code for the full list of customizable custom properties.

You can see the full test suite on this pen.

Contributing

Please read the contribution guidelines in order to make the contribution process easy and effective for everyone involved.

Github

https://github.com/team-video/knopf.css

Comments(12)

1

double class .knopf in README

hey,

is there a practical reason for the .knopf.knopf construct in the README? I find that very confusing, and it might lead people to think about specificity as a reason or such, but AFAIK this does not increase specificity at all.

Thx!
2

Bump browserslist from 4.16.3 to 4.17.0
Bumps browserslist from 4.16.3 to 4.17.0.
Changelog

Sourced from browserslist's changelog.
Change Log

This project adheres to Semantic Versioning.

4.17
- Added yarn 3 support to --update-db (by Himank Pathak).
4.16.8
- Updated Firefox ESR.
4.16.7
- Fixed oudated caniuse-lite warning text (by Paul Verest).
- Fixed docs (by Alexander Belov).
4.16.6
- Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).
4.16.5
- Fixed unsafe RegExp (by Yeting Li).
4.16.4
- Fixed unsafe RegExp.
- Added artifactory support to --update-db (by Ittai Baratz).
Commits
- b760f7a Release 4.17 version
- 9525bbc Fix Yarn 2 update
- 6077463 Clean up code
- abb948b Update dependencies
- 8422845 fix: browserslist --update-db for yarn v2+ lockfile (#619)
- 83764ea docs: add new tool to README (#615)
- 0572cbe Release 4.16.8 version
- 81a0772 Update Firefox EST version
- 5267934 Update dependencies
- eb11543 Release 4.16.7 version
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
3

Bump glob-parent from 5.1.1 to 5.1.2
Bumps glob-parent from 5.1.1 to 5.1.2.
Release notes

Sourced from glob-parent's releases.
v5.1.2

Bug Fixes
- eliminate ReDoS (#36) (f923116)
Changelog

Sourced from glob-parent's changelog.
5.1.2 (2021-03-06)

Bug Fixes
- eliminate ReDoS (#36) (f923116)
6.0.1 (2021-07-20)

Bug Fixes
- Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)
6.0.0 (2021-05-03)

⚠ BREAKING CHANGES
- Correct mishandled escaped path separators (#34)
- upgrade scaffold, dropping node <10 support
Bug Fixes
- Correct mishandled escaped path separators (#34) (32f6d52), closes #32
Miscellaneous Chores
- upgrade scaffold, dropping node <10 support (e83d0c5)
Commits
- eb2c439 chore: update changelog
- 12bcb6c chore: release 5.1.2
- f923116 fix: eliminate ReDoS (#36)
- 0b014a7 chore: add JSDoc returns information (#33)
- 2b24ebd chore: generate initial changelog
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
4

Bump ssri from 6.0.1 to 6.0.2
Bumps ssri from 6.0.1 to 6.0.2.
Changelog

Sourced from ssri's changelog.
6.0.2 (2021-04-07)

Bug Fixes
- backport regex change from 8.0.1 (b30dfdb), closes #19
Commits
- b7c8c7c chore(release): 6.0.2
- b30dfdb fix: backport regex change from 8.0.1
- See full diff in compare view
Maintainer changes

This version was pushed to npm by nlf, a new releaser for ssri since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
5

Bump tar from 6.1.0 to 6.1.11
Bumps tar from 6.1.0 to 6.1.11.
Commits
- e573aee 6.1.11
- edb8e9a fix: perf regression on hot string munging path
- a9d9b05 chore(test): Avoid spurious failures packing node_modules/.cache
- 24b8bda fix(test): use posix path for testing path reservations
- e5a223c fix(test): make unpack test pass on case-sensitive fs
- 188badd 6.1.10
- 23312ce drop dirCache for symlink on all platforms
- 4f1f4a2 6.1.9
- 875a37e fix: prevent path escape using drive-relative paths
- b6162c7 fix: reserve paths properly for unicode, windows
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
6

Bump path-parse from 1.0.6 to 1.0.7
Bumps path-parse from 1.0.6 to 1.0.7.
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
7

Bump tar from 6.1.0 to 6.1.4
Bumps tar from 6.1.0 to 6.1.4.
Commits
- bf69383 6.1.4
- 06cbde5 Avoid an unlikely but theoretically possible redos
- 0b78386 6.1.3
- 56c24b0 fix: properly handle top-level files when using strip
- 8d75229 ci: Create codeql workflow
- 3f7b200 6.1.2
- 9dbdeb6 Remove paths from dirCache when no longer dirs
- 1e33534 6.1.1
- 1f036ca fix: strip absolute paths more comprehensively
- 1b94260 [email protected]
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
8

Bump postcss from 7.0.35 to 7.0.36
Bumps postcss from 7.0.35 to 7.0.36.
Release notes

Sourced from postcss's releases.
7.0.36
- Backport ReDoS vulnerabilities from PostCSS 8.
Changelog

Sourced from postcss's changelog.
7.0.36
- Backport ReDoS vulnerabilities from PostCSS 8.
Commits
- 67e3d7b Release 7.0.36 version
- 54cbf3c Backport ReDoS vulnerabilities from PostCSS 8
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
9

Bump trim-newlines from 3.0.0 to 3.0.1
Bumps trim-newlines from 3.0.0 to 3.0.1.
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
10

Bump lodash from 4.17.20 to 4.17.21
Bumps lodash from 4.17.20 to 4.17.21.
Commits
- f299b52 Bump to v4.17.21
- c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
- 3469357 Prevent command injection through _.template's variable option
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
11

Bump lodash from 4.17.15 to 4.17.19
Bumps lodash from 4.17.15 to 4.17.19.

Release notes

Sourced from lodash's releases.

4.17.16
Commits
- d7fbc52 Bump to v4.17.19
- 2e1c0f2 Add npm-package
- 1b6c282 Bump to v4.17.18
- a370ac8 Bump to v4.17.17
- 1144918 Rebuild lodash and docs
- 3a3b0fd Bump to v4.17.16
- c84fe82 fix(zipObjectDeep): prototype pollution (#4759)
- e7b28ea Sanitize sourceURL so it cannot affect evaled code (#4518)
- 0cec225 Fix lodash.isEqual for circular references (#4320) (#4515)
- 94c3a81 Document matches* shorthands for over* methods (#4510) (#4514)
- Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by mathias, a new releaser for lodash since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
12

Bump minimist from 1.2.5 to 1.2.6
Bumps minimist from 1.2.5 to 1.2.6.
Commits
- 7efb22a 1.2.6
- ef88b93 security notice for additional prototype pollution issue
- c2b9819 isConstructorOrProto adapted from PR
- bc8ecee test from prototype pollution PR
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.