Enable dependabot updates

Add dependabot.yml to enable automatic dependency upgrades
This commit is contained in:
Bassem Dghaidi 2024-10-22 13:03:26 +02:00 committed by GitHub
commit 3aef79d3a3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

22
.github/dependabot.yml vendored Normal file

@ -0,0 +1,22 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
minor-actions-dependencies:
update-types: [minor, patch]
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
allow:
- dependency-type: direct
- dependency-type: production