File tree Expand file tree Collapse file tree 2 files changed +84
-2
lines changed
Expand file tree Collapse file tree 2 files changed +84
-2
lines changed Original file line number Diff line number Diff line change 1+ version : 2
2+ updates :
3+
4+ # ######################################
5+ # GitHub Actions (Security Best Practice)
6+ # ######################################
7+ - package-ecosystem : " github-actions"
8+ directory : " /"
9+ schedule :
10+ interval : " daily"
11+ labels :
12+ - " dependabot"
13+ commit-message :
14+ prefix : " deps"
15+ include : " scope"
16+
17+ # ######################################
18+ # Python (pip) — e.g., requirements.txt
19+ # ######################################
20+ - package-ecosystem : " pip"
21+ directory : " /"
22+ schedule :
23+ interval : " daily"
24+ labels :
25+ - " dependabot"
26+ commit-message :
27+ prefix : " pip"
28+ include : " scope"
29+
30+ # ######################################
31+ # Docker Dependencies — updates FROM images
32+ # ######################################
33+ - package-ecosystem : " docker"
34+ directory : " /"
35+ schedule :
36+ interval : " daily"
37+ labels :
38+ - " dependabot"
39+ commit-message :
40+ prefix : " docker"
41+ include : " scope"
42+
43+ # ######################################
44+ # Maven (pom.xml)
45+ # ######################################
46+ - package-ecosystem : " maven"
47+ directory : " /"
48+ schedule :
49+ interval : " daily"
50+ labels :
51+ - " dependabot"
52+ commit-message :
53+ prefix : " maven"
54+ include : " scope"
55+
56+ # ######################################
57+ # Gradle (build.gradle, gradle.properties)
58+ # ######################################
59+ - package-ecosystem : " gradle"
60+ directory : " /"
61+ schedule :
62+ interval : " daily"
63+ labels :
64+ - " dependabot"
65+ commit-message :
66+ prefix : " gradle"
67+ include : " scope"
68+
69+ # ######################################
70+ # JavaScript (npm / package.json)
71+ # ######################################
72+ - package-ecosystem : " npm"
73+ directory : " /"
74+ schedule :
75+ interval : " daily"
76+ labels :
77+ - " dependabot"
78+ commit-message :
79+ prefix : " npm"
80+ include : " scope"
Original file line number Diff line number Diff line change 11name : Dependabot auto-merge
2- on : pull_request
2+
3+ on :
4+ pull_request :
35
46permissions :
57 contents : write
1618 with :
1719 github-token : " ${{ secrets.GITHUB_TOKEN }}"
1820
19- - name : Approve Dependabot PR
21+ - name : Approve PR
2022 run : gh pr review --approve "$PR_URL"
2123 env :
2224 PR_URL : ${{ github.event.pull_request.html_url }}
You can’t perform that action at this time.
0 commit comments