Merge pull request #8 from ethiotelecom-et/Create-action-patch-1

Update dependabot.yml
2024-01-22 21:44:30 +03:00 · 2024-01-22 21:44:30 +03:00 · f862cb4e88
parent f2dca664cc 6a490224c5
commit f862cb4e88
1 changed files with 26 additions and 37 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -1,45 +1,34 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# Use `allow` to specify which dependencies to maintain

 version: 2
 updates:
-  - package-ecosystem: npm
-    directory: '/'
+  - package-ecosystem: "npm"
+    directory: "/"
    schedule:
-      interval: weekly
-      day: tuesday
-    open-pull-requests-limit: 20 # default is 5
-    ignore:
-      # Because this is so dependent on the remote server we use
-      - dependency-name: '@elastic/elasticsearch'
-      # Because whatever we have needs to match what @primer/react also uses
-      - dependency-name: 'styled-components'
-      - dependency-name: '*'
-        update-types:
-          ['version-update:semver-patch', 'version-update:semver-minor']
+      interval: "weekly"
+    allow:
+      # Allow updates for Lodash
+      - dependency-name: "lodash"
+      # Allow updates for React and any packages starting "react"
+      - dependency-name: "react*"

-  - package-ecosystem: 'github-actions'
-    directory: '/'
+  - package-ecosystem: "composer"
+    directory: "/"
    schedule:
-      interval: weekly
-      day: wednesday
-    ignore:
-      - dependency-name: '*'
-        update-types:
-          ['version-update:semver-patch', 'version-update:semver-minor']
+      interval: "weekly"
+    allow:
+      # Allow both direct and indirect updates for all packages
+      - dependency-type: "all"

-  - package-ecosystem: 'docker'
-    directory: '/'
+  - package-ecosystem: "pip"
+    directory: "/"
    schedule:
-      interval: weekly
-      day: thursday
-    ignore:
-      - dependency-name: 'node'
-  
-  - package-ecosystem: 'pip'
-    directory: "/__tests__/data/requirements-linux.txt"
-    schedule:
-      interval: weekly
-       day: Monday
+      interval: "weekly"
+    allow:
+      # Allow only direct updates for
+      # Django and any packages starting "django"
+      - dependency-name: "django*"
+        dependency-type: "direct"
+      # Allow only production updates for Sphinx
+      - dependency-name: "sphinx"
+        dependency-type: "production"