Skip to content

Commit abb9ef0

Browse files
author
hallelx2
committed
chore(standards): created local '.github/dependabot.yml' from remote '.github/dependabot.yml'
Synced AI-review standards from hallelx2/dev-standards.
1 parent 3acb8af commit abb9ef0

1 file changed

Lines changed: 24 additions & 0 deletions

File tree

.github/dependabot.yml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
# Dependency CVE automation. Dependabot opens PRs for vulnerable/outdated deps.
2+
# Ecosystems with no manifest in a given repo are simply skipped.
3+
# Also enable per repo: Settings → Code security → Dependabot alerts + security updates.
4+
version: 2
5+
updates:
6+
- package-ecosystem: github-actions
7+
directory: "/"
8+
schedule:
9+
interval: weekly
10+
labels: [dependencies, security]
11+
12+
- package-ecosystem: gomod
13+
directory: "/"
14+
schedule:
15+
interval: weekly
16+
open-pull-requests-limit: 5
17+
labels: [dependencies, security]
18+
19+
- package-ecosystem: npm
20+
directory: "/"
21+
schedule:
22+
interval: weekly
23+
open-pull-requests-limit: 5
24+
labels: [dependencies, security]

0 commit comments

Comments
 (0)