From b9a4f4d1560e4a3476c56d94c79bc0d3efd93c33 Mon Sep 17 00:00:00 2001
From: Jamie Holding <me@jamie.holdings>
Date: Mon, 20 Apr 2026 09:07:12 +0000
Subject: [PATCH] ci(dependabot): require reviewer on all Dependabot PRs

Prevents auto-merge of broken action bumps (like checkout@v6 which
broke all CI). Dependabot PRs now request review from cubehouse
before they can be merged.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/dependabot.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 2823f1e..6743197 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -7,6 +7,8 @@ updates:
       day: monday
       time: '06:00'
     open-pull-requests-limit: 5
+    reviewers:
+      - 'cubehouse'
     groups:
       dev-dependencies:
         patterns:
@@ -31,5 +33,7 @@ updates:
       day: monday
       time: '06:00'
     open-pull-requests-limit: 5
+    reviewers:
+      - 'cubehouse'
     commit-message:
       prefix: 'ci'