Revision control
Copy as Markdown
Other Tools
# Please see the documentation for all configuration options:
version: 2
updates:
# We don't really use Dependabot for Rust dependencies, since we are tracking Gecko,
# but we do want to be notified of security vulnerabilities.
- package-ecosystem: "cargo"
directory: "/"
schedule:
interval: "weekly"
# Disable all non-security updates.
open-pull-requests-limit: 0
cooldown:
default-days: 10
semver-major-days: 20
semver-minor-days: 10
semver-patch-days: 5
- package-ecosystem: "github-actions"
directories:
- "/.github/actions/*"
- "/"
schedule:
interval: "weekly"
cooldown:
default-days: 10
# "semver" not supported for github-actions; see https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#configuration-of-cooldown
# semver-major-days: 20
# semver-minor-days: 10
# semver-patch-days: 5
- package-ecosystem: "docker"
directory: "/qns"
schedule:
interval: "weekly"
cooldown:
default-days: 10
# "semver" not supported for docker; see https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#configuration-of-cooldown
# semver-major-days: 20
# semver-minor-days: 10
# semver-patch-days: 5