chore: add Dependabot configuration

[DeepakNemad]

What:-

• Add dependabot.yml file configuration

Why:-

• Auto scan packages and dependencies

Summary by CodeRabbit

Chores

• Expanded dependency update automation to include Docker containers and Docker Compose services alongside existing npm and GitHub Actions monitoring
• Reorganized update grouping strategy for npm packages and GitHub Actions to separately handle patch and minor version updates

[coderabbitai]

Warning

Rate limit exceeded

@DeepakNemad has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 35 minutes and 18 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 15e3825b-7a6e-4a0e-a897-45f0e75dc0ae

📥 Commits

Reviewing files that changed from the base of the PR and between 23ed8ef and 5f1b0c0.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (2)

• .github/dependabot.yml
• package.json

📝 Walkthrough

Walkthrough

.github/dependabot.yml is expanded to manage dependencies across four ecosystems. The npm and github-actions ecosystems are refined to split updates into separate patch and minor groups with updated labels. Docker and Docker Compose are added as new managed ecosystems with weekly scheduling and build-related commit prefixes.

Changes

Dependabot Configuration Expansion

Layer / File(s)	Summary
Existing ecosystem grouping refinements .github/dependabot.yml (lines 7–75)	npm and github-actions update targets are refined to group both patch and minor updates separately (replacing the prior minor-only strategy), with adjusted labels (dependencies, devops) and removed open-pull-requests-limit/allow blocks.
New docker ecosystem additions .github/dependabot.yml (lines 76–145)	docker and docker-compose are added as new Dependabot update targets with weekly schedules, patch/minor grouping, devops and docker/docker-compose labels, and build commit-message prefixes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• credebl/agent-controller#370: Both PRs modify .github/dependabot.yml Dependabot configuration for npm and GitHub Actions grouping, with this PR extending coverage to docker ecosystems.

Suggested reviewers

• sairanjit

Poem

🐰 Four ecosystems now in view,
Patch and minor, grouped so true,
Docker joins the watching crew,
Dependabot knows what to do! 📦

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: add Dependabot configuration' accurately describes the main change in the pull request, which adds/updates Dependabot configuration to support Docker, Docker Compose, and npm/GitHub Actions dependency management.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/add-dependabot-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud