Skip to content

Commit

Permalink
ci: configure the labels for dependabot PRs (canonical#1407)
Browse files Browse the repository at this point in the history
For GitHub actions dependabot PRs: only use the `dependencies` label,
rather than both that and `github_actions`.

For pip (Python) dependabot PRs: we only have security dependabot PRs
enabled, so add the same label restriction (avoiding a `python` label)
but this requires adding a section to configure dependabot, and then
essentially disabling most of it by setting the maximum PRs to 0
(security PRs will still be opened).
  • Loading branch information
tonyandrewmeyer authored Oct 3, 2024
1 parent 3e64042 commit df9afbe
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions .github/dependabot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,12 @@ updates:
directory: "/"
schedule:
interval: "monthly" # This is hard-coded to the 1st of the month
labels:
- "dependencies"
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "daily"
open-pull-requests-limit: 0 # Security updates only
labels:
- "dependencies"

0 comments on commit df9afbe

Please sign in to comment.