feat: try enabling dependabot to keep dependencies up to date (#74)

* feat: try enabling dependabot to keep dependencies up to date * fix: add missing key in dependabot.yml
Automattic · Nov 5, 2021 · e2d7458 · e2d7458
1 parent 21ccfbf
commit e2d7458
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,21 @@
+# Dependabot config.
+# Keep NPM and Composer packages up-to-date.
+# Let's start out with daily updates and then drop back to less frequent intervals after everything is up-to-date.
+
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: 'npm'
+    # Look for `package.json` and `lock` files in the `root` directory
+    directory: '/'
+    # Check the npm registry for updates every day (weekdays)
+    schedule:
+      interval: 'daily'
+
+  # Enable version updates for Composer
+  - package-ecosystem: 'composer'
+    # Look for a `composer.lock` in the `root` directory
+    directory: '/'
+    # Check for updates every day (weekdays)
+    schedule:
+      interval: 'daily'