Skip to content

Commit

Permalink
Create dependabot.yml
Browse files Browse the repository at this point in the history 
Only update what would be updated via `npm outdated`, do not update the package.json
  • Loading branch information
@jelster
jelster authored Jan 8, 2023
1 parent ce10e12 commit 9aceda0
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "npm" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
versioning-strategy: "lockfile-only"

1 comment on commit 9aceda0

@jelster
Copy link
Owner Author

@jelster jelster commented on 9aceda0 Jan 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently, this isn't going to be a feasible approach for keeping the BJS packages up to date. See github/roadmap#148 for roadmap on when grouped updates might be expected

Please sign in to comment.