Configure Dependabot

Dependabot is an automatic utility which periodically checks for updates in our dependencies and open issues or merge requests to ask to update them. This can be useful to avoid security issues in the long run. Signed-off-by: Nicolas Paul <n@nc0.fr>
author: Nicolas Paul <n@nc0.fr> 2024-03-05 11:17:52 +0100
committer: Nicolas Paul <n@nc0.fr> 2024-03-05 11:17:52 +0100
commit: a06abaae4e121779977345721f0f08e3c0d2d394 (patch)
tree: 6491ee4910b025095e3b29f724f7d6c23bb3f6ae
parent: 3b1d43db9fcad1eb83f6186aa5c8ec434b8131b1 (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..e7df35e
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,21 @@
+enable-beta-ecosystems: true
+version: 2
+updates:
+  - directory: /
+    package-ecosystem: npm
+    rebase-strategy: auto
+    assignees: [nc0fr]
+    insecure-external-code-execution: deny
+    open-pull-requests-limit: 20
+    target-branch: master
+    schedule:
+      interval: monthly
+  - directory: /
+    package-ecosystem: github-actions
+    rebase-strategy: auto
+    assignees: [nc0fr]
+    insecure-external-code-execution: deny
+    open-pull-requests-limit: 20
+    target-branch: master
+    schedule:
+      interval: monthly
author	Nicolas Paul <n@nc0.fr>	2024-03-05 11:17:52 +0100
committer	Nicolas Paul <n@nc0.fr>	2024-03-05 11:17:52 +0100
commit	a06abaae4e121779977345721f0f08e3c0d2d394 (patch)
tree	6491ee4910b025095e3b29f724f7d6c23bb3f6ae
parent	3b1d43db9fcad1eb83f6186aa5c8ec434b8131b1 (diff)