rayhunter/.github/dependabot.yml
Markus Unterwaditzer 8346f18a5b Fix dependabot config
PR #998 was supposed to filter dependabot PRs to security updates only.
But applies-to was on the wrong level of nesting.

Also renamed the group from "dependency-type" to "security", right now
we get PRs like "Bump the dependency-type group in /installer-gui with 7
updates#1010"

Search for applies-to on this page:
https://docs.github.com/en/code-security/reference/supply-chain-security/dependabot-options-reference
-- it's on the same level as patterns.

This PR was fully AI-generated, description hand-written though.
2026-04-27 09:16:39 -07:00

54 lines
1.4 KiB
YAML

# open-pull-requests-limit is used to disable automated version updates
# security updates are unaffected. see
# * https://docs.github.com/en/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-dependabot-version-updates#disabling-dependabot-version-updates
# * https://docs.github.com/en/code-security/reference/supply-chain-security/dependabot-options-reference#open-pull-requests-limit-
version: 2
updates:
  # Rust dependencies
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 0
    groups:
      security:
        applies-to: "security-updates"
        patterns:
          - "*"
  # Python dependencies
  - package-ecosystem: "pip"
    directory: "/tools"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 0
    groups:
      security:
        applies-to: "security-updates"
        patterns:
          - "*"
  # daemon/web Node.js dependencies
  - package-ecosystem: "npm"
    directory: "/daemon/web"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 0
    groups:
      security:
        applies-to: "security-updates"
        patterns:
          - "*"
  # installer-gui Node.js dependencies
  - package-ecosystem: "npm"
    directory: "/installer-gui"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 0
    groups:
      security:
        applies-to: "security-updates"
        patterns:
          - "*"
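
An added example, not part of the rayhunter repository: a Ruby lint that checks every Dependabot group carries `applies-to` as a sibling of `patterns`, the nesting the commit message describes. The sample config and the misplaced key in its second entry are constructed; where PR #998 actually put `applies-to` is not shown on this page, and `lint_dependabot` is a hypothetical helper name.

```ruby
require "yaml"

VALID_APPLIES_TO = %w[version-updates security-updates].freeze

# Constructed sample: the first entry nests applies-to beside patterns,
# the second (hypothetical mistake) puts it one level too high.
SAMPLE = <<~DOC
  version: 2
  updates:
    - package-ecosystem: "cargo"
      directory: "/"
      groups:
        security:
          applies-to: "security-updates"
          patterns: ["*"]
    - package-ecosystem: "npm"
      directory: "/installer-gui"
      groups:
        applies-to: "security-updates"
        dependency-type:
          patterns: ["*"]
DOC

# Returns one finding per group whose applies-to is missing, invalid,
# or placed at the wrong nesting level. An empty array means clean.
def lint_dependabot(yaml_text)
  config = YAML.safe_load(yaml_text) || {}
  findings = []
  Array(config["updates"]).each do |entry|
    next unless entry.is_a?(Hash)
    where = "#{entry['package-ecosystem']} #{entry['directory']}"
    # applies-to is a group option; on the update entry it filters nothing.
    findings << "#{where}: applies-to set on the update entry" if entry.key?("applies-to")
    (entry["groups"] || {}).each do |name, body|
      if !body.is_a?(Hash)
        findings << "#{where}: groups.#{name} is not a mapping (key one level too high?)"
      elsif !body.key?("applies-to")
        # Per the options reference, such a group applies to version updates.
        findings << "#{where}: group '#{name}' has no applies-to"
      elsif !VALID_APPLIES_TO.include?(body["applies-to"])
        findings << "#{where}: group '#{name}' has invalid applies-to"
      end
    end
  end
  findings
end

puts lint_dependabot(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

Run against the real `.github/dependabot.yml` with `lint_dependabot(File.read(path))`; the file shown above yields no findings.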