-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathdependabot.yml
More file actions
74 lines (70 loc) · 1.62 KB
/
dependabot.yml
File metadata and controls
74 lines (70 loc) · 1.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# Dependabot configuration for socket-python-cli.
#
# Design notes:
# - Python deps are grouped into a weekly PR (minor/patch).
# - GitHub Actions are grouped similarly into one weekly PR.
# - Docker (the project Dockerfile) is tracked separately.
# - 7-day cooldown enforced across all ecosystems.
version: 2
updates:
# Main app Python deps (uv-tracked)
- package-ecosystem: "uv"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 2
groups:
python-minor-patch:
patterns:
- "*"
update-types:
- "minor"
- "patch"
python-major:
patterns:
- "*"
update-types:
- "major"
labels:
- "dependencies"
- "python:uv"
commit-message:
prefix: "chore"
include: "scope"
cooldown:
default-days: 7
# GitHub Actions used in workflows
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 2
groups:
github-actions-minor-patch:
patterns:
- "*"
update-types:
- "minor"
- "patch"
labels:
- "dependencies"
- "github-actions"
commit-message:
prefix: "ci"
include: "scope"
cooldown:
default-days: 7
# Project Dockerfile base images and pinned binaries
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 2
labels:
- "dependencies"
- "docker"
commit-message:
prefix: "chore"
include: "scope"
cooldown:
default-days: 7