DependaBot config to automate dependency updates.
- Set up weekly checks for GitHub Actions, npm, and pip, with custom groupings for better organization.
- This should help keep project dependencies current and secure with minimal manual effort.
---
version: 1
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
time: "08:00"
target-branch: "develop"
open-pull-requests-limit: 5
groups:
github-actions:
applies-to: version-updates
patterns:
- "actions/*"
- "github/*"
your-custom-group:
applies-to: version-updates
patterns:
- "your-org/*"
-
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
time: "09:00"
target-branch: "develop"
open-pull-requests-limit: 5
groups:
dev-dependencies:
applies-to: version-updates
dependency-type: "development"
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "weekly"
time: "10:00"
target-branch: "develop"
open-pull-requests-limit: 5