Skip to content

Commit 1036261

Browse files
committed
Add Dependabot
1 parent 1967e18 commit 1036261

2 files changed

Lines changed: 45 additions & 0 deletions

File tree

.github/dependabot.yml

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
version: 2
2+
3+
# Dependabot configuration: checks for dependency updates on a daily basis.
4+
# You can adjust the package-ecosystem entries or add more as needed (e.g. "github-actions").
5+
# See https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
6+
updates:
7+
- package-ecosystem: "maven"
8+
directory: "/"
9+
schedule:
10+
interval: "monthly"
11+
open-pull-requests-limit: 1
12+
groups:
13+
dependencies:
14+
patterns:
15+
- "*"
16+
17+
- package-ecosystem: "github-actions"
18+
directory: "/"
19+
schedule:
20+
interval: "monthly"
21+
open-pull-requests-limit: 1
22+
groups:
23+
actions:
24+
patterns:
25+
- "*"

.github/workflows/dependabot.yml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
name: "Dependabot periodic run"
2+
3+
on:
4+
schedule:
5+
# every day at midnight UTC; adjust as needed
6+
- cron: '0 0 * * *'
7+
workflow_dispatch: {} # allows manual triggering
8+
9+
jobs:
10+
notify:
11+
name: Notify about Dependabot schedule
12+
runs-on: ubuntu-latest
13+
steps:
14+
- name: Checkout repo
15+
uses: actions/checkout@v6
16+
- name: Log message
17+
run: |
18+
echo "This workflow is intended to accompany the dependabot config."
19+
echo "Dependabot itself is managed by the service using .github/dependabot.yml."
20+
echo "It will run daily and can also be triggered manually via the 'Run workflow' button."

0 commit comments

Comments
 (0)