Filter for security updates only in Dependabot

Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
Pedro Pombeiro 2019-10-14 18:41:05 +02:00 committed by Jakub Sokołowski
parent afc2412514
commit d317d8a6c7
No known key found for this signature in database
GPG Key ID: 4EF064D0E6D63020
1 changed files with 10 additions and 0 deletions

10
.dependabot/config.yml Normal file → Executable file
View File

@ -15,12 +15,22 @@ update_configs:
- package_manager: "javascript"
directory: "/mobile/js_files"
update_schedule: "weekly"
allowed_updates:
- match:
update_type: security
default_reviewers:
- "jakubgs"
# Keep /desktop/js_files/yarn.lock up to date, batching pull requests weekly
- package_manager: "javascript"
directory: "/desktop/js_files"
update_schedule: "weekly"
allowed_updates:
- match:
update_type: all
dependency_type: direct
- match:
update_type: security
dependency_type: indirect
default_reviewers:
- "vkjr"
- "jakubgs"