|
| 1 | +# To get started with Dependabot version updates, you'll need to specify which |
| 2 | +# package ecosystems to update and where the package manifests are located. |
| 3 | +# Please see the documentation for all configuration options: |
| 4 | +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates |
| 5 | + |
| 6 | +# `dependabot.yml` file with updates |
| 7 | +# disabled for Docker and limited for npm |
| 8 | + |
| 9 | +version: 2 |
| 10 | +updates: |
| 11 | + # Configuration for Dockerfile |
| 12 | + - package-ecosystem: "docker" |
| 13 | + directory: "/" |
| 14 | + schedule: |
| 15 | + interval: "weekly" |
| 16 | + # Disable all pull requests for Docker dependencies |
| 17 | + open-pull-requests-limit: 0 |
| 18 | + |
| 19 | + # Configuration for npm |
| 20 | + - package-ecosystem: "npm" |
| 21 | + directory: "/" |
| 22 | + schedule: |
| 23 | + interval: "weekly" |
| 24 | + ignore: |
| 25 | + # Ignore updates to packages that start with 'aws' |
| 26 | + # Wildcards match zero or more arbitrary characters |
| 27 | + - dependency-name: "aws*" |
| 28 | + # Ignore some updates to the 'express' package |
| 29 | + - dependency-name: "express" |
| 30 | + # Ignore only new versions for 4.x and 5.x |
| 31 | + versions: ["4.x", "5.x"] |
| 32 | + # For all packages, ignore all patch updates |
| 33 | + - dependency-name: "*" |
| 34 | + update-types: ["version-update:semver-patch"] |
0 commit comments