Skip to content

Commit e01f312

Browse files
committed
ci: extend Dependabot to all Go modules
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
1 parent d8217f5 commit e01f312

1 file changed

Lines changed: 15 additions & 11 deletions

File tree

.github/dependabot.yml

Lines changed: 15 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,22 +1,26 @@
11
version: 2
22
updates:
3-
# Library module: the state kernel.
3+
# Go modules across the whole suite. The "/**" glob covers every module that
4+
# carries a go.mod (the state kernel, telemetry adapters, transport, wasm, the
5+
# sink core, every SDK-backed sink destination, the examples, and the build
6+
# tooling). The SDK destinations are where transitive advisories (x/crypto,
7+
# x/net, x/sys, and the cloud SDKs themselves) surface, so they must be watched
8+
# too. Updates are grouped per module so each module's bumps land in a single
9+
# PR rather than one PR per dependency.
410
- package-ecosystem: gomod
5-
directory: /state
11+
directories:
12+
- "/**"
613
schedule:
714
interval: weekly
15+
groups:
16+
go-modules:
17+
patterns:
18+
- "*"
819
commit-message:
920
prefix: "chore"
1021

11-
# Build-automation module.
12-
- package-ecosystem: gomod
13-
directory: /magefiles
14-
schedule:
15-
interval: weekly
16-
commit-message:
17-
prefix: "chore"
18-
19-
# GitHub Actions workflows.
22+
# GitHub Actions workflows. Keeps the SHA-pinned action references current
23+
# (Dependabot updates both the pin and its version comment).
2024
- package-ecosystem: github-actions
2125
directory: /
2226
schedule:

0 commit comments

Comments
 (0)