Add Dependabot configuration for uv and npm#34
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #34 +/- ##
=======================================
Coverage 95.58% 95.58%
=======================================
Files 6 6
Lines 68 68
=======================================
Hits 65 65
Misses 3 3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Pull request overview
Expands the repository’s Dependabot setup beyond GitHub Actions to also cover application dependencies, aiming to group updates into a single PR with a shared cadence/cooldown.
Changes:
- Introduces a
multi-ecosystem-groupssection intended to centralize scheduling/cooldown behavior. - Adds Dependabot update entries for
uvandnpm, and assigns all ecosystems to the same group.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| multi-ecosystem-groups: | ||
| all: | ||
| schedule: | ||
| interval: "monthly" | ||
| cooldown: | ||
| default-days: 10 |
| directories: | ||
| - "/.github/workflows" | ||
| multi-ecosystem-group: "all" | ||
| - package-ecosystem: "uv" |
| directories: | ||
| - "/.github/workflows" | ||
| multi-ecosystem-group: "all" | ||
| - package-ecosystem: "uv" | ||
| directories: | ||
| - "/" | ||
| multi-ecosystem-group: "all" | ||
| - package-ecosystem: "npm" | ||
| directories: | ||
| - "/" |
osma
left a comment
osma
left a comment
There was a problem hiding this comment.
Looks like the Copilot review is at least partly rubbish. Anyway, might be worth checking out. LGTM
PR #6 added the
.github/dependabot.ymlfile with config only for GH Actions updates.Now this adds configs also for uv and npm controlled dependencies, and groups all updates to a single PR and uses 10 days cooldown for all dependecies.