Skip to content

Commit

Permalink
dependabot: only do security updates (#320)
Browse files Browse the repository at this point in the history
  • Loading branch information
sethvargo authored Jul 11, 2023
1 parent ee81b78 commit 8738ec4
Showing 1 changed file with 7 additions and 17 deletions.
24 changes: 7 additions & 17 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -1,20 +1,10 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
commit-message:
prefix: "chore(deps): "
rebase-strategy: "disabled"
- package-ecosystem: 'npm'
directory: '/'
rebase-strategy: 'disabled'
schedule:
interval: "daily"
ignore:
- dependency-name: "*"
update-types: [
"version-update:semver-patch",
"version-update:semver-minor",
] # Security updates are unaffected by this setting
interval: 'daily'
commit-message:
prefix: 'security: '
open-pull-requests-limit: 0 # only check security updates

0 comments on commit 8738ec4

Please sign in to comment.