mirror of
https://github.com/EFForg/rayhunter.git
synced 2026-05-02 02:09:58 -07:00
1bab75830b
When there is a CVE in some JS package, it seems to coincide with an avalanche of security releases of random other packages. Dependabot can actually create bulk PRs, let's try those.
42 lines
798 B
YAML
42 lines
798 B
YAML
version: 2
|
|
updates:
|
|
# Rust dependencies
|
|
- package-ecosystem: "cargo"
|
|
directory: "/"
|
|
schedule:
|
|
interval: "weekly"
|
|
groups:
|
|
dependency-type:
|
|
patterns:
|
|
- "*"
|
|
|
|
# Python dependencies
|
|
- package-ecosystem: "pip"
|
|
directory: "/tools"
|
|
schedule:
|
|
interval: "weekly"
|
|
groups:
|
|
dependency-type:
|
|
patterns:
|
|
- "*"
|
|
|
|
# daemon/web Node.js dependencies
|
|
- package-ecosystem: "npm"
|
|
directory: "/daemon/web"
|
|
schedule:
|
|
interval: "weekly"
|
|
groups:
|
|
dependency-type:
|
|
patterns:
|
|
- "*"
|
|
|
|
# installer-gui Node.js dependencies
|
|
- package-ecosystem: "npm"
|
|
directory: "/installer-gui"
|
|
schedule:
|
|
interval: "weekly"
|
|
groups:
|
|
dependency-type:
|
|
patterns:
|
|
- "*"
|