actions/auth
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

dependabot: only do security updates (#320)

Browse Source
This commit is contained in:
Seth Vargo 2023-07-11 11:09:54 -04:00 committed by GitHub
parent ee81b78321
commit 8738ec4f61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
.github/dependabot.yml vendored
View File

@ -1,20 +1,10 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2 version: 2
updates: updates:
- package-ecosystem: "npm" - package-ecosystem: 'npm'
directory: "/" directory: '/'
commit-message: rebase-strategy: 'disabled'
prefix: "chore(deps): "
rebase-strategy: "disabled"
schedule: schedule:
interval: "daily" interval: 'daily'
ignore: commit-message:
- dependency-name: "*" prefix: 'security: '
update-types: [ open-pull-requests-limit: 0 # only check security updates
"version-update:semver-patch",
"version-update:semver-minor",
] # Security updates are unaffected by this setting