mirror of
https://github.com/jlengrand/bugsink.git
synced 2026-03-10 08:01:17 +00:00
37 lines
1.1 KiB
YAML
37 lines
1.1 KiB
YAML
version: 2
|
|
updates:
|
|
- package-ecosystem: pip
|
|
directory: "/"
|
|
schedule:
|
|
interval: daily
|
|
time: "15:00"
|
|
groups:
|
|
python-packages:
|
|
patterns:
|
|
- "*"
|
|
ignore:
|
|
# Upgrading Django: we'll time this ourselves
|
|
- dependency-name: "django"
|
|
versions:
|
|
- ">=6.0"
|
|
|
|
# As per Django; for each django version we match the verbose_csrf_middleware
|
|
- dependency-name: "verbose_csrf_middleware"
|
|
versions:
|
|
- ">=6.0"
|
|
|
|
# 8.7.2. is the last version to support ProcessState (i.e. minidump parsing) which we need
|
|
- dependency-name: "symbolic"
|
|
versions:
|
|
- ">8.7.2"
|
|
|
|
# Turn off all pull requests for npm dependencies; we only use npm as a development-side
|
|
# dependency (for tailwind, the results of which we simply commit into the repo).
|
|
# This looks like a work-around ("limit: 0") but it's in fact the official way:
|
|
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates#example-disabling-version-updates-for-some-dependencies
|
|
- package-ecosystem: "npm"
|
|
directory: "/"
|
|
schedule:
|
|
interval: "weekly"
|
|
open-pull-requests-limit: 0
|