chore(dependabot): Allows only security patches (#4075)

* feat(dependabot): Add dependabot to check for vulnerabilies and update dependencies --------- Signed-off-by: BLANKatGITHUB <[email protected]> Signed-off-by: Blanky <[email protected]>
dragonflydb · Nov 8, 2024 · 43060ba · 43060ba
1 parent 41d8df6
commit 43060ba
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,16 +5,54 @@ updates:
     schedule:
       interval: "weekly"
 
+    open-pull-requests-limit: 1
+    groups:
+      actions:
+        patterns:
+          - "*"
+
+
   - package-ecosystem: "gomod"
     directories:
       - "/contrib/charts/dragonfly"
       - "/tools/replay"
     schedule:
       interval: "weekly"
 
+    open-pull-requests-limit: 1
+    #uncomment it to group dependency updates
+    #groups:
+      #go-mod:
+        #patterns:
+          #- "*"
+    ignore:
+      # Disable all updates except security updates
+      #remove an item from ignore list to get dependency updates of that kind
+      - dependency-name: "*"
+        update-types:
+          - "version-update:semver-major"
+          - "version-update:semver-minor"
+          - "version-update:semver-patch"
+
+
+
   - package-ecosystem: "pip"
     directories:
       - "/tests/dragonfly"
       - "/tools"
     schedule:
       interval: "weekly"
+
+    #uncomment it to group dependency updates
+    #groups:
+      #py-dep:
+        #patterns:
+          #- "*"
+    ignore:
+      # Disable all updates except security updates
+      #remove an item from ignore list to get dependency updates of that kind
+      - dependency-name: "*"
+        update-types:
+          - "version-update:semver-major"
+          - "version-update:semver-minor"
+          - "version-update:semver-patch"