diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f575ec7..a4de648 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,34 +1,20 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - -# `dependabot.yml` file with updates -# disabled for Docker and limited for npm + # Basic `dependabot.yml` file with +# minimum configuration for two package managers version: 2 updates: - # Configuration for Dockerfile - - package-ecosystem: "docker" + # Enable version updates for npm + - package-ecosystem: "npm" + # Look for `package.json` and `lock` files in the `root` directory directory: "/" + # Check the npm registry for updates every day (weekdays) schedule: - interval: "weekly" - # Disable all pull requests for Docker dependencies - open-pull-requests-limit: 0 + interval: "daily" - # Configuration for npm - - package-ecosystem: "npm" + # Enable version updates for Docker + - package-ecosystem: "docker" + # Look for a `Dockerfile` in the `root` directory directory: "/" + # Check for updates once a week schedule: interval: "weekly" - ignore: - # Ignore updates to packages that start with 'aws' - # Wildcards match zero or more arbitrary characters - - dependency-name: "aws*" - # Ignore some updates to the 'express' package - - dependency-name: "express" - # Ignore only new versions for 4.x and 5.x - versions: ["4.x", "5.x"] - # For all packages, ignore all patch updates - - dependency-name: "*" - update-types: ["version-update:semver-patch"]