From 3420883a6dec12aef210cede98403281d6c3f680 Mon Sep 17 00:00:00 2001
From: jmeridth
Date: Wed, 29 May 2024 12:58:40 -0500
Subject: [PATCH 1/2] chore: limit dependency updates to only security updates
- [x] limit npm and docker dependencies to only security updates
- [docs](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#:~:text=If%20you%20only%20require%20security%20updates%20and%20want%20to%20exclude%20version%20updates%2C%20you%20can%20set%20open%2Dpull%2Drequests%2Dlimit%20to%200%20in%20order%20to%20prevent%20version%20updates%20for%20a%20given%20package%2Decosystem.)
- [x] allow updates to github actions dependencies but group minor and patch updates
Signed-off-by: jmeridth
---
 .github/dependabot.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 522ea2c..25e2e51 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,6 +4,8 @@ updates:
 directory: '/'
 schedule:
 interval: 'weekly'
+ # limit to only security updates
+ open-pull-requests-limit: 0
 commit-message:
 prefix: 'chore'
 prefix-development: 'chore'
@@ -12,6 +14,8 @@ updates:
 directory: '/'
 schedule:
 interval: 'weekly'
+ # limit to only security updates
+ open-pull-requests-limit: 0
 commit-message:
 prefix: 'chore'
 prefix-development: 'chore'
@@ -24,3 +28,9 @@ updates:
 prefix: 'chore'
 prefix-development: 'chore'
 include: 'scope'
+ groups:
+ dependencies:
+ applies-to: version-updates
+ update-types:
+ - 'minor'
+ - 'patch'
From 172b46498bd134c32e9b8c5e825afc8b472d81f3 Mon Sep 17 00:00:00 2001
From: jmeridth
Date: Wed, 29 May 2024 13:05:08 -0500
Subject: [PATCH 2/2] chore: change from only security updates to grouping gonna try grouping first to see if that reduces the PR spam
Signed-off-by: jmeridth
---
 .github/dependabot.yml | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
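Review bot: In PATCH 1/2, `open-pull-requests-limit: 0` on the npm and docker entries (first and second hunks) only switches version updates off; whether any security pull requests follow depends on Dependabot security updates being enabled in the repository settings, which this file cannot show. For the docker entry the effect is probably no pull requests at all, since Dependabot security updates are driven by the GitHub Advisory Database, which as far as I know does not cover container base images. The comment would be more accurate as `# version updates off; security PRs need Dependabot security updates enabled in repo settings`. Both entries start above their hunks.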
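Review bot: In the third hunk of PATCH 1/2 the `dependencies` group on the github-actions entry has no comment, and its scope is narrower than the name suggests: `applies-to: version-updates` with `update-types` of `'minor'` and `'patch'` leaves major action bumps and any security updates outside the group, so they still arrive as separate pull requests. A line such as `# one PR for minor/patch bumps; majors and security updates stay separate` above `groups:` would record that. The entry's header lines are above the hunk.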
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 25e2e51..d5d99a8 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,22 +4,30 @@ updates:
 directory: '/'
 schedule:
 interval: 'weekly'
- # limit to only security updates
- open-pull-requests-limit: 0
 commit-message:
 prefix: 'chore'
 prefix-development: 'chore'
 include: 'scope'
+ groups:
+ dependencies:
+ applies-to: version-updates
+ update-types:
+ - 'minor'
+ - 'patch'
 - package-ecosystem: 'docker'
 directory: '/'
 schedule:
 interval: 'weekly'
- # limit to only security updates
- open-pull-requests-limit: 0
 commit-message:
 prefix: 'chore'
 prefix-development: 'chore'
 include: 'scope'
+ groups:
+ dependencies:
+ applies-to: version-updates
+ update-types:
+ - 'minor'
+ - 'patch'
 - package-ecosystem: 'github-actions'
 directory: '/'
 schedule:
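Review bot: The new `dependencies` groups on the npm and docker entries put every minor and patch bump of an ecosystem into one weekly pull request, which makes each individual change harder to review and lets one failing bump hold back the rest. For npm, splitting by `dependency-type` (`'production'` / `'development'`) into two groups keeps runtime changes reviewable on their own. With the limit lines removed, major bumps also return as individual pull requests, since the groups only match `'minor'` and `'patch'`. The npm entry starts above the hunk and the github-actions entry continues below it.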