From 85b1ddabb43e04bef6088c4046cf6a984aba447d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Anne?= Date: Thu, 1 Feb 2024 15:55:48 +0100 Subject: [PATCH 1/2] Add `dependabot` config --- .github/dependabot.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..ed4363c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,29 @@ +version: 2 +updates: + # Ensure GitHub Actions are used in their latest version + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" + + # Strategy for composer dependencies + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "monthly" + allow: + - dependency-type: "direct" + open-pull-requests-limit: 100 + target-branch: "main" + versioning-strategy: "increase" + + # Strategy for npm dependencies + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "monthly" + allow: + - dependency-type: "development" + open-pull-requests-limit: 100 + target-branch: "main" + versioning-strategy: "increase" From 9d819e161c9673cf1ba45f4cd81a3906d2190eaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Anne?= Date: Thu, 1 Feb 2024 15:56:42 +0100 Subject: [PATCH 2/2] group dev updates --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ed4363c..8abc772 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -16,6 +16,10 @@ updates: open-pull-requests-limit: 100 target-branch: "main" versioning-strategy: "increase" + groups: + dev-dependencies: + patterns: + - "*" # Strategy for npm dependencies - package-ecosystem: "npm" @@ -27,3 +31,7 @@ updates: open-pull-requests-limit: 100 target-branch: "main" versioning-strategy: "increase" + groups: + dev-dependencies: + patterns: + - "*"