Modify dependabot rules by only fix security issues

Signed-off-by: Ming <mqiu@vmware.com>
2026-01-04 12:14:00 +00:00 · 2022-11-04 09:34:01 +00:00
parent fc493632b9
commit bfe4ac0d67
1 changed files with 5 additions and 6 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,9 +5,8 @@ updates:
    directory: "/" # Location of package manifests
    schedule:
      interval: "weekly"
-
-  # Dependencies listed in .github/workflows/*.yml
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
+    labels:
+      - "kind/changelog-not-required"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]