warpgate/.github/dependabot.yml
kekkon d78917a323
Group dependabot version bump prs if they are minor or patch bumps (#1049)
Based on [the
docs](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups).

Unfortunately I can't test this, but according to the documentation
examples, this should make dependabot group all version bump PRs into a
single PR per package manager. Only major version bumps and security
issues are still raised as separate PRs.

I also removed the PR limit, since this setting probably makes more
sense than simply limiting the dependabot PRs.
2024-09-05 16:53:45 +02:00

29 lines
748 B
YAML

# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: "cargo"
directory: "/"
labels: ["type/deps"]
#open-pull-requests-limit: 25
schedule:
interval: "daily"
groups:
version-bumps:
applies-to: version-updates
update-types:
- minor
- patch
- package-ecosystem: "npm"
directory: "/warpgate-web"
labels: ["type/deps"]
#open-pull-requests-limit: 25
groups:
version-bumps:
applies-to: version-updates
update-types:
- minor
- patch
schedule:
interval: "daily"