-
Notifications
You must be signed in to change notification settings - Fork 26
Expand file tree
/
Copy pathdependabot.yml
More file actions
40 lines (40 loc) · 1.2 KB
/
dependabot.yml
File metadata and controls
40 lines (40 loc) · 1.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# Keep GitHub Actions up to date with GitHub's Dependabot...
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
version: 2
updates:
- package-ecosystem: github-actions
directory: /
groups:
github-actions:
patterns:
- "*" # Group all Actions updates into a single larger pull request
schedule:
interval: weekly
- package-ecosystem: cargo
directory: /
groups:
security:
patterns:
- "*"
applies-to: security-updates
low-prio:
patterns:
- "*" # Group all cargo updates into a single larger pull request
applies-to: version-updates
update-types:
- "patch"
- "minor"
high-priority:
patterns:
- "*"
applies-to: version-updates
update-types:
- "major"
cooldown:
default-days: 30
semver-major-days: 90
semver-minor-days: 60
semver-patch-days: 30
schedule:
interval: weekly