diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..0197fe1 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,27 @@ + # For details on how this file works refer to: + # - https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file +version: 2 +updates: + # Maintain dependencies for GitHub Actions + # - Check for updates once a week + # - Group all updates into a single PR + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + groups: + all-actions: + patterns: [ "*" ] + + # Maintain dependencies for TypeScript and JavaScript + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "04:00" + timezone: "Canada/Pacific" + ignore: + - dependency-name: "*" + update-types: ["version-update:semver-major", "version-update:semver-patch"] +