chore(dependabot): Allows only security patches (#4075)

* feat(dependabot): Add dependabot to check for vulnerabilies and update dependencies --------- Signed-off-by: BLANKatGITHUB <131886247+BLANKatGITHUB@users.noreply.github.com> Signed-off-by: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com>
2025-03-14 10:01:52 +00:00 · 2024-11-08 11:38:33 +05:30
parent 41d8df6e11
commit 43060ba79e
1 changed files with 38 additions and 0 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -5,6 +5,13 @@ updates:
    schedule:
      interval: "weekly"

+    open-pull-requests-limit: 1
+    groups:
+      actions:
+        patterns:
+          - "*"
+
+
  - package-ecosystem: "gomod"
    directories:
      - "/contrib/charts/dragonfly"
@ -12,9 +19,40 @@ updates:
    schedule:
      interval: "weekly"

+    open-pull-requests-limit: 1
+    #uncomment it to group dependency updates
+    #groups:
+      #go-mod:
+        #patterns:
+          #- "*"
+    ignore:
+      # Disable all updates except security updates
+      #remove an item from ignore list to get dependency updates of that kind
+      - dependency-name: "*"
+        update-types:
+          - "version-update:semver-major"
+          - "version-update:semver-minor"
+          - "version-update:semver-patch"
+
+
+
  - package-ecosystem: "pip"
    directories:
      - "/tests/dragonfly"
      - "/tools"
    schedule:
      interval: "weekly"
+
+    #uncomment it to group dependency updates
+    #groups:
+      #py-dep:
+        #patterns:
+          #- "*"
+    ignore:
+      # Disable all updates except security updates
+      #remove an item from ignore list to get dependency updates of that kind
+      - dependency-name: "*"
+        update-types:
+          - "version-update:semver-major"
+          - "version-update:semver-minor"
+          - "version-update:semver-patch"