Merge branch 'main' into trouze/eager-capability-checks

sd-db · web-flow · commit 642d57cf9f5a · 2026-04-13T23:36:13.000+05:30
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,15 +1,17 @@
 version: 2
 updates:
-  # Python dependencies
+  # Python dependencies — security updates only
   - package-ecosystem: "pip"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "weekly"
+    open-pull-requests-limit: 0
     rebase-strategy: "disabled"
 
-  # GitHub Actions — auto-update SHA pins
+  # GitHub Actions — security updates only
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
+    open-pull-requests-limit: 0
     rebase-strategy: "disabled"
