Update dependabot.yml

orust-org · Nov 14, 2024 · 63510bc · 63510bc
1 parent f647389
commit 63510bc
Showing 1 changed file with 22 additions and 8 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,11 +1,25 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
-
 version: 2
 updates:
-  - package-ecosystem: "" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "npm" 
+    directory: "/" 
     schedule:
-      interval: "weekly"
+      interval: "weekly" # 
+      day: "monday" 
+      time: "04:00" 
+    commit-message:
+      prefix: "chore(deps)" 
+      include: "scope" 
+    pull-request-branch-name:
+      prefix: "dependabot" 
+    versioning-strategy: "increase" 
+    ignore:
+      - dependency-name: "express" 
+        versions: ["4.x"] 
+    labels:
+      - "dependencies" 
+      - "security" 
+    reviewers:
+      - "reviewer1" 
+    assignees:
+      - "username" 
+    open-pull-requests-limit: 100