Create dependabot.yml#372
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new Dependabot configuration so this repository can receive automated weekly update PRs for JavaScript dependencies and GitHub Actions. This fits the existing Node/pnpm-based setup and CI workflows by centralizing dependency maintenance under .github.
Changes:
- Enable weekly Dependabot version updates for the
npmecosystem at the repository root. - Group npm minor/patch updates into separate production and development PRs.
- Enable weekly Dependabot updates for GitHub Actions with a single catch-all group.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| groups: | ||
| actions: | ||
| patterns: ["*"] |
There was a problem hiding this comment.
@copilot apply changes based on this feedback
There was a problem hiding this comment.
Fixed in 0db5683 — added update-types: ["minor", "patch"] to the actions group so major GitHub Actions version bumps are excluded from the group and remain as individual PRs for manual review.
|
Check out the recent updates to your Headless Platform preview environment:
Learn more about preview environments in our documentation. |
Agent-Logs-Url: https://github.com/wpengine/faustjs.org/sessions/5d89e734-9a84-481e-afdd-c761ddd42e0c Co-authored-by: josephfusco <6676674+josephfusco@users.noreply.github.com>
|
Check out the recent updates to your Headless Platform preview environment:
Learn more about preview environments in our documentation. |
Adds
.github/dependabot.ymlto enable weekly automated dependency update PRs for npm and GitHub Actions. Minor and patch updates are grouped separately for production and development dependencies to reduce PR noise, while major version bumps remain as individual PRs for review.