714344d297
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>
44 lines
1.2 KiB
YAML
44 lines
1.2 KiB
YAML
version: 2
|
|
updates:
|
|
# shields.io dependencies
|
|
- package-ecosystem: npm
|
|
directory: '/'
|
|
schedule:
|
|
interval: weekly
|
|
day: friday
|
|
time: '12:00'
|
|
open-pull-requests-limit: 99
|
|
ignore:
|
|
# https://github.com/badges/shields/issues/7324
|
|
# https://github.com/badges/shields/issues/7447
|
|
# we're stuck with these versions until Safari is compatible with lookbehind regex syntax
|
|
# https://caniuse.com/js-regexp-lookbehind
|
|
- dependency-name: 'decamelize'
|
|
- dependency-name: 'humanize-string'
|
|
|
|
# https://github.com/badges/shields/pull/7288#issuecomment-974699240
|
|
- dependency-name: '@types/node'
|
|
|
|
# badge-maker package dependencies
|
|
- package-ecosystem: npm
|
|
directory: '/badge-maker'
|
|
schedule:
|
|
interval: weekly
|
|
day: friday
|
|
time: '12:00'
|
|
open-pull-requests-limit: 99
|
|
|
|
# close-bot package dependencies
|
|
- package-ecosystem: npm
|
|
directory: '/.github/actions/close-bot'
|
|
schedule:
|
|
interval: weekly
|
|
day: friday
|
|
time: '12:00'
|
|
open-pull-requests-limit: 99
|
|
- package-ecosystem: 'github-actions'
|
|
directory: '/'
|
|
schedule:
|
|
interval: weekly
|
|
open-pull-requests-limit: 99
|