From f9ea6926a78094d79b31c7629cb5b378908214e1 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu, 29 Apr 2021 15:06:42 +0000 Subject: [PATCH] Upgrade to GitHub-native Dependabot --- .dependabot/config.yaml | 27 --------------------------- .github/dependabot.yml | 22 ++++++++++++++++++++++ 2 files changed, 22 insertions(+), 27 deletions(-) delete mode 100644 .dependabot/config.yaml create mode 100644 .github/dependabot.yml diff --git a/.dependabot/config.yaml b/.dependabot/config.yaml deleted file mode 100644 index e142b769..00000000 --- a/.dependabot/config.yaml +++ /dev/null @@ -1,27 +0,0 @@ -version: 1 - -update_configs: - - package_manager: "javascript" - directory: "/" - update_schedule: "weekly" - automerged_updates: - - match: - dependency_type: "development" - # Supported dependency types: - # - "development" - # - "production" - # - "all" - update_type: "all" - # Supported updates to automerge: - # - "security:patch" - # SemVer patch update that fixes a known security vulnerability - # - "semver:patch" - # SemVer patch update, e.g. > 1.x && 1.0.1 to 1.0.3 - # - "semver:minor" - # SemVer minor update, e.g. > 1.x && 2.1.4 to 2.3.1 - # - "in_range" - # matching the version requirement in your package manifest - # - "all" - - match: - dependency_type: "production" - update_type: "semver:patch" diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..ddef804c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,22 @@ +version: 2 +updates: +- package-ecosystem: npm + directory: "/" + schedule: + interval: weekly + time: "12:00" + ignore: + - dependency-name: hosted-git-info + versions: + - 3.0.7 + - 3.0.8 + - 4.0.0 + - 4.0.1 + - dependency-name: nock + versions: + - 13.0.6 + - 13.0.7 + - 13.0.9 + - dependency-name: handlebars + versions: + - 4.7.6