web/stephan.hadan.de
web/stephan.hadan.de
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Create dependabot.yml

Browse source 
First commit
This commit is contained in:
Stephan Hadan 2024-12-02 15:19:39 +01:00 committed by GitHub
parent c42ed73087
commit f27ea8bdcd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 23 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,23 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
- package-ecosystem: pip
# We only want to bump versions of packages in case of security updates, as
# we want to keep maximum compatibility - see https://t.ly/INSR_
open-pull-requests-limit: 0
directory: "/"
labels: []
schedule:
interval: weekly
time: "04:00"
- package-ecosystem: github-actions
open-pull-requests-limit: 10
directory: "/"
labels: []
schedule:
interval: weekly
time: "04:00"