mirror of
https://github.com/Steffo99/emblematic.git
synced 2024-10-16 06:07:26 +00:00
78 lines
1.8 KiB
YAML
78 lines
1.8 KiB
YAML
# Dependabot configuration file
|
|
# See: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#allow
|
|
|
|
version: 2
|
|
|
|
updates:
|
|
|
|
# We're using Poetry
|
|
- package-ecosystem: pip
|
|
|
|
# The root directory of the project
|
|
directory: "/"
|
|
|
|
# Check every day for updates at 08:00 UTC
|
|
schedule:
|
|
interval: "daily"
|
|
time: "08:00"
|
|
timezone: "UTC"
|
|
|
|
# Do not alert for indirect dependencies, as there may be too many
|
|
allow:
|
|
- dependency-type: direct
|
|
|
|
# Set the pull request label
|
|
labels:
|
|
- "dependencies"
|
|
|
|
# Stay updated to the main branch
|
|
rebase-strategy: auto
|
|
|
|
# Pip does not support any other versioning strategy
|
|
versioning-strategy: lockfile-only
|
|
|
|
# Additionally, keep GitHub Actions updated
|
|
- package-ecosystem: github-actions
|
|
|
|
# The root directory of the actions
|
|
directory: "/"
|
|
|
|
# Check every day for updates at 08:00 UTC
|
|
schedule:
|
|
interval: "daily"
|
|
time: "08:00"
|
|
timezone: "UTC"
|
|
|
|
# GitHub Actions only has direct dependencies
|
|
allow:
|
|
- dependency-type: direct
|
|
|
|
# Set the pull request label
|
|
labels:
|
|
- "automation"
|
|
|
|
# Stay updated to the main branch
|
|
rebase-strategy: auto
|
|
|
|
# Finally, keep Git submodules updated
|
|
- package-ecosystem: gitsubmodule
|
|
|
|
# The root directory of the repository
|
|
directory: "/"
|
|
|
|
# Check every day for updates at 08:00 UTC
|
|
schedule:
|
|
interval: "daily"
|
|
time: "08:00"
|
|
timezone: "UTC"
|
|
|
|
# GitHub Actions only has direct dependencies
|
|
allow:
|
|
- dependency-type: direct
|
|
|
|
# Set the pull request label
|
|
labels:
|
|
- "dependencies"
|
|
|
|
# Stay updated to the main branch
|
|
rebase-strategy: auto
|