From 331f42dce4f3f1effdaca3413b8c4eb1262c0775 Mon Sep 17 00:00:00 2001 From: Jirka Date: Wed, 1 Feb 2023 20:04:09 +0100 Subject: [PATCH 1/3] adding GH dependabot Co-authored-by: Hugo van Kemenade --- .github/dependabot.yml | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..4f5dc6c6 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,40 @@ +# Basic dependabot.yml file with minimum configuration for two package managers + +version: 2 +updates: + # Enable version updates for python + - package-ecosystem: "pip" + # Look for a `requirements` in the `root` directory + directory: ".github/scripts/" + # Check for updates once a week + schedule: + interval: "monthly" + # Labels on pull requests for version updates only + labels: + - "ci" + pull-request-branch-name: + # Separate sections of the branch name with a hyphen + # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1` + separator: "-" + # Allow up to 5 open pull requests for pip dependencies + open-pull-requests-limit: 5 + reviewers: + - "dbieber" + + # Enable version updates for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + # Check for updates once a week + schedule: + interval: "monthly" + # Labels on pull requests for version updates only + labels: + - "ci" + pull-request-branch-name: + # Separate sections of the branch name with a hyphen + # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1` + separator: "-" + # Allow up to 5 open pull requests for GitHub Actions + open-pull-requests-limit: 5 + reviewers: + - "dbieber" From 81d813b689c29905c9f7656d0c5f04b3f79416e9 Mon Sep 17 00:00:00 2001 From: Jirka Date: Mon, 11 Mar 2024 21:11:23 +0100 Subject: [PATCH 2/3] groups GH bumps --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4f5dc6c6..dfff34b8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -27,6 +27,10 @@ updates: # Check for updates once a week schedule: interval: "monthly" + groups: + pip: + patterns: + - "*" # Check all dependencies # Labels on pull requests for version updates only labels: - "ci" From 79110098cc1d2881338bcd515464fa9c69dbe61e Mon Sep 17 00:00:00 2001 From: Jirka Date: Mon, 11 Mar 2024 21:27:16 +0100 Subject: [PATCH 3/3] cleaning comments --- .github/dependabot.yml | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index dfff34b8..17c20d04 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,19 +4,12 @@ version: 2 updates: # Enable version updates for python - package-ecosystem: "pip" - # Look for a `requirements` in the `root` directory directory: ".github/scripts/" - # Check for updates once a week schedule: interval: "monthly" - # Labels on pull requests for version updates only - labels: - - "ci" + labels: ["ci"] pull-request-branch-name: - # Separate sections of the branch name with a hyphen - # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1` separator: "-" - # Allow up to 5 open pull requests for pip dependencies open-pull-requests-limit: 5 reviewers: - "dbieber" @@ -24,21 +17,15 @@ updates: # Enable version updates for GitHub Actions - package-ecosystem: "github-actions" directory: "/" - # Check for updates once a week schedule: interval: "monthly" groups: pip: patterns: - "*" # Check all dependencies - # Labels on pull requests for version updates only - labels: - - "ci" + labels: ["ci"] pull-request-branch-name: - # Separate sections of the branch name with a hyphen - # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1` separator: "-" - # Allow up to 5 open pull requests for GitHub Actions open-pull-requests-limit: 5 reviewers: - "dbieber"