use dependabot grouped updates
ignore upload/download-artifact until slsa updates
This commit is contained in:
parent
a694f3bf7a
commit
9080b95cc8
1 changed files with 22 additions and 7 deletions
27
.github/dependabot.yml
vendored
27
.github/dependabot.yml
vendored
|
|
@ -1,9 +1,24 @@
|
||||||
version: 2
|
version: 2
|
||||||
updates:
|
updates:
|
||||||
- package-ecosystem: "github-actions"
|
- package-ecosystem: github-actions
|
||||||
directory: "/"
|
directory: /
|
||||||
schedule:
|
schedule:
|
||||||
interval: "monthly"
|
interval: monthly
|
||||||
day: "monday"
|
ignore:
|
||||||
time: "16:00"
|
# slsa depends on upload/download v3
|
||||||
timezone: "UTC"
|
- dependency-name: actions/upload-artifact
|
||||||
|
versions: '>= 4'
|
||||||
|
- dependency-name: actions/download-artifact
|
||||||
|
versions: '>= 4'
|
||||||
|
groups:
|
||||||
|
github-actions:
|
||||||
|
patterns:
|
||||||
|
- '*'
|
||||||
|
- package-ecosystem: pip
|
||||||
|
directory: /requirements/
|
||||||
|
schedule:
|
||||||
|
interval: monthly
|
||||||
|
groups:
|
||||||
|
python-requirements:
|
||||||
|
patterns:
|
||||||
|
- '*'
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue