.github/dependabot.yml at main

roost.tools / coop
fork
Mirror of https://github.com/roostorg/coop github.com/roostorg/coop
fork
coop / .github / dependabot.yml
at main 169 lines 4.6 kB view raw
wrap content
Juan Mrad dependabot: ignore major version updates (#358) 1hr ago
f7760d7a
  1# To get started with Dependabot version updates, you'll need to specify which
  2# package ecosystems to update and where the package manifests are located.
  3# Please see the documentation for all configuration options:
  4# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
  5#
  6# Major version updates are disabled for now across every ecosystem/directory.
  7# Security updates are unaffected (Dependabot ignores `ignore` rules for
  8# security advisories), so majors still land when they fix a vulnerability.
  9
 10version: 2
 11updates:
 12  # Enable version updates for Docker
 13  - package-ecosystem: "docker"
 14    directories:
 15      - "/"
 16      - "/client"
 17      - "/db"
 18      - "/hma"
 19      - "/nodejs-instrumentation"
 20    schedule:
 21      interval: "weekly"
 22    ignore:
 23      - dependency-name: "*"
 24        update-types: ["version-update:semver-major"]
 25
 26  # Enable version updates for npm
 27  - package-ecosystem: 'npm'
 28    directory: '/'
 29    schedule:
 30      interval: 'weekly'
 31    ignore:
 32      - dependency-name: '*'
 33        update-types: ['version-update:semver-major']
 34    groups:
 35      root-prod-security:
 36        dependency-type: 'production'
 37        applies-to: 'security-updates'
 38        patterns:
 39          - '*'
 40      root-prod:
 41        dependency-type: 'production'
 42        applies-to: 'version-updates'
 43        patterns:
 44          - '*'
 45      root-dev:
 46        dependency-type: 'development'
 47        applies-to: 'version-updates'
 48        patterns:
 49          - '*'
 50
 51  - package-ecosystem: 'npm'
 52    directory: '/db'
 53    schedule:
 54      interval: 'weekly'
 55    ignore:
 56      - dependency-name: '*'
 57        update-types: ['version-update:semver-major']
 58    groups:
 59      db-prod-security:
 60        dependency-type: 'production'
 61        applies-to: 'security-updates'
 62        patterns:
 63          - '*'
 64      db-prod:
 65        dependency-type: 'production'
 66        applies-to: 'version-updates'
 67        patterns:
 68          - '*'
 69      db-dev:
 70        dependency-type: 'development'
 71        applies-to: 'version-updates'
 72        patterns:
 73          - '*'
 74
 75  - package-ecosystem: 'npm'
 76    directory: '/migrator'
 77    schedule:
 78      interval: 'weekly'
 79    ignore:
 80      - dependency-name: '*'
 81        update-types: ['version-update:semver-major']
 82    groups:
 83      migrator-prod-security:
 84        dependency-type: 'production'
 85        applies-to: 'security-updates'
 86        patterns:
 87          - '*'
 88      migrator-prod:
 89        dependency-type: 'production'
 90        applies-to: 'version-updates'
 91        patterns:
 92          - '*'
 93      migrator-dev:
 94        dependency-type: 'development'
 95        applies-to: 'version-updates'
 96        patterns:
 97          - '*'
 98
 99  - package-ecosystem: 'npm'
100    directory: '/server'
101    schedule:
102      interval: 'weekly'
103    ignore:
104      - dependency-name: '*'
105        update-types: ['version-update:semver-major']
106    groups:
107      server-prod-security:
108        dependency-type: 'production'
109        applies-to: 'security-updates'
110        patterns:
111          - '*'
112      server-prod:
113        dependency-type: 'production'
114        applies-to: 'version-updates'
115        patterns:
116          - '*'
117      server-dev:
118        dependency-type: 'development'
119        applies-to: 'version-updates'
120        patterns:
121          - '*'
122
123  - package-ecosystem: 'npm'
124    directory: '/client'
125    schedule:
126      interval: 'weekly'
127    ignore:
128      - dependency-name: '*'
129        update-types: ['version-update:semver-major']
130    groups:
131      client-prod-security:
132        dependency-type: 'production'
133        applies-to: 'security-updates'
134        patterns:
135          - '*'
136      client-prod:
137        dependency-type: 'production'
138        applies-to: 'version-updates'
139        patterns:
140          - '*'
141      client-dev:
142        dependency-type: 'development'
143        applies-to: 'version-updates'
144        patterns:
145          - '*'
146
147  - package-ecosystem: 'npm'
148    directory: '/nodejs-instrumentation'
149    schedule:
150      interval: 'weekly'
151    ignore:
152      - dependency-name: '*'
153        update-types: ['version-update:semver-major']
154    groups:
155      nodejs-instrumentation-prod-security:
156        dependency-type: 'production'
157        applies-to: 'security-updates'
158        patterns:
159          - '*'
160      nodejs-instrumentation-prod:
161        dependency-type: 'production'
162        applies-to: 'version-updates'
163        patterns:
164          - '*'
165      nodejs-instrumentation-dev:
166        dependency-type: 'development'
167        applies-to: 'version-updates'
168        patterns:
169          - '*'
Configure Feed

Configure Feed
