# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

version: 2
updates:
- package-ecosystem: pip
  # We only want to bump versions of packages in case of security updates, as
  # we want to keep maximum compatibility - see https://t.ly/INSR_
  open-pull-requests-limit: 0
  directory: "/"
  labels: []
  schedule:
    interval: weekly
    time: "04:00"
- package-ecosystem: github-actions
  open-pull-requests-limit: 10
  directory: "/"
  labels: []
  schedule:
    interval: weekly
    time: "04:00"