Skip to content

Commit cb53cc6

Browse files
authored
Merge pull request #772 from LabsCrypt/fix/dependabot-workspace-lockfile
fix(ci): point Dependabot npm at the workspace root only
2 parents 9a89583 + 45f6739 commit cb53cc6

1 file changed

Lines changed: 6 additions & 26 deletions

File tree

.github/dependabot.yml

Lines changed: 6 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,12 @@ version: 2
22

33
updates:
44
# ── npm: root workspace ────────────────────────────────────────────────────
5+
# flowfi is a single npm workspace (frontend + backend hoisted into one root
6+
# package-lock.json). Dependabot must update from the workspace root so the
7+
# root lockfile CI runs `npm ci` against stays in sync. Per-directory entries
8+
# for /frontend and /backend only touched their package.json without updating
9+
# the root lockfile, so every PR they opened failed `npm ci` with
10+
# "lock file's X does not satisfy Y". One root entry covers all workspaces.
511
- package-ecosystem: "npm"
612
directory: "/"
713
schedule:
@@ -14,32 +20,6 @@ updates:
1420
- "minor"
1521
- "patch"
1622

17-
# ── npm: frontend ──────────────────────────────────────────────────────────
18-
- package-ecosystem: "npm"
19-
directory: "/frontend"
20-
schedule:
21-
interval: "weekly"
22-
day: "monday"
23-
open-pull-requests-limit: 10
24-
groups:
25-
minor-and-patch:
26-
update-types:
27-
- "minor"
28-
- "patch"
29-
30-
# ── npm: backend ───────────────────────────────────────────────────────────
31-
- package-ecosystem: "npm"
32-
directory: "/backend"
33-
schedule:
34-
interval: "weekly"
35-
day: "monday"
36-
open-pull-requests-limit: 10
37-
groups:
38-
minor-and-patch:
39-
update-types:
40-
- "minor"
41-
- "patch"
42-
4323
# ── Cargo: contracts ───────────────────────────────────────────────────────
4424
- package-ecosystem: "cargo"
4525
directory: "/contracts"

0 commit comments

Comments
 (0)