From 41ee63c1f15be9c11921e78126b08ab591624a74 Mon Sep 17 00:00:00 2001 From: Jakob Ackermann Date: Fri, 4 Sep 2020 09:23:20 +0100 Subject: [PATCH] [misc] add the dependabot config of the buildscripts See inline docs for rationals of each (non-trivial) option. --- server-ce/.github/dependabot.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 server-ce/.github/dependabot.yml diff --git a/server-ce/.github/dependabot.yml b/server-ce/.github/dependabot.yml new file mode 100644 index 0000000000..c6f98d843d --- /dev/null +++ b/server-ce/.github/dependabot.yml @@ -0,0 +1,17 @@ +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + + pull-request-branch-name: + # Separate sections of the branch name with a hyphen + # Docker images use the branch name and do not support slashes in tags + # https://github.com/overleaf/google-ops/issues/822 + # https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#pull-request-branch-nameseparator + separator: "-" + + # Block informal upgrades -- security upgrades use a separate queue. + # https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit + open-pull-requests-limit: 0