From c3f70430429fc56bccd9463d8ca9fdbe58f99f59 Mon Sep 17 00:00:00 2001
From: KK <dev-kk@oeaw.ac.at>
Date: Mon, 7 Oct 2024 15:26:03 +0200
Subject: [PATCH] ci(workflows): add Dependabot config

---
 .github/dependabot.yml | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..fda9705
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,37 @@
+# SPDX-FileCopyrightText: 2024 K Kollmann
+# SPDX-License-Identifier: MIT
+
+version: 2
+updates:
+    # dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    # workflows/actions are assumed to be in (have as root) .github/workflows
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    commit-message:
+      prefix: "ci"
+      include: "scope"
+    reviewers:
+      - "koeaw"
+    # Frischmuth project dependencies
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: "build"
+      include: "scope"
+    reviewers:
+      - "koeaw"
+    groups:
+      apis-dependencies:
+        patterns:
+          - "apis-*"
+      project-dev-dependencies:
+        # includes all [tool.poetry.group.*.dependencies]
+        dependency-type: development
+      project-dependencies:
+        applies-to: version-updates
+      vulnerabilities:
+        applies-to: security-updates