Enabled auto merge for dependabots

saptarshimandal1 · saptarshimandal1 · commit 7a5a9c83a973 · 2026-02-12T16:51:44.000Z
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,80 @@
+version: 2
+updates:
+
+  #######################################
+  #  GitHub Actions (Security Best Practice)
+  #######################################
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependabot"
+    commit-message:
+      prefix: "deps"
+      include: "scope"
+
+  #######################################
+  #  Python (pip) — e.g., requirements.txt
+  #######################################
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependabot"
+    commit-message:
+      prefix: "pip"
+      include: "scope"
+
+  #######################################
+  #  Docker Dependencies — updates FROM images
+  #######################################
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependabot"
+    commit-message:
+      prefix: "docker"
+      include: "scope"
+
+  #######################################
+  #  Maven (pom.xml)
+  #######################################
+  - package-ecosystem: "maven"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependabot"
+    commit-message:
+      prefix: "maven"
+      include: "scope"
+
+  #######################################
+  #  Gradle (build.gradle, gradle.properties)
+  #######################################
+  - package-ecosystem: "gradle"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependabot"
+    commit-message:
+      prefix: "gradle"
+      include: "scope"
+
+  #######################################
+  #  JavaScript (npm / package.json)
+  #######################################
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependabot"
+    commit-message:
+      prefix: "npm"
+      include: "scope"
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml
@@ -1,5 +1,7 @@
 name: Dependabot auto-merge
-on: pull_request
+
+on:
+  pull_request:
 
 permissions:
   contents: write
@@ -16,7 +18,7 @@ jobs:
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 
-      - name: Approve Dependabot PR
+      - name: Approve PR
         run: gh pr review --approve "$PR_URL"
         env:
           PR_URL: ${{ github.event.pull_request.html_url }}
