mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2025-12-23 06:15:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use dependabot to automate major-only dependency bumps

Browse Source
This commit is contained in:
Joshua Casey
2024-05-29 17:37:25 -05:00
parent eafc9ad78c
commit 3c0bad9ea2
1 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
.github/dependabot.yml vendored
View File

@@ -9,12 +9,25 @@ updates:
schedule: schedule:
interval: "daily" interval: "daily"
# Our own CI job is responsible for updating this go.mod file now. # Use dependabot to automate major-only dependency bumps
# - package-ecosystem: "gomod" - package-ecosystem: "gomod"
# open-pull-requests-limit: 100 open-pull-requests-limit: 2 # Not sure why there would ever be more than 1, just would not want to hide anything
# directory: "/" directory: "/"
# schedule: schedule:
# interval: "daily" interval: "daily"
# group all major dependency bumps together so there's only one pull request
groups:
go-modules:
patterns:
- "*"
update-types:
- "major"
ignore:
# For all packages, ignore all minor and patch updates
- dependency-name: "*"
update-types:
- "version-update:semver-minor"
- "version-update:semver-patch"
# Our own CI job is responsible for updating this Docker file now. # Our own CI job is responsible for updating this Docker file now.
# - package-ecosystem: "docker" # - package-ecosystem: "docker"