From 7ca54562996aedd144b0ef754aa465e8ff5abebe Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Tue, 1 Jun 2021 16:53:55 -0700 Subject: [PATCH] Enable dependabot This should enable a bot that auto-creates PRs to update dependencies. For more info, see https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically Once enabled, dependabot work should be seen at https://github.com/opencontainers/runc/network/updates (as well as new PRs). Signed-off-by: Kir Kolyshkin --- .github/dependabot.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..4bd9208ec --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,25 @@ +# Please see the documentation for all configuration options: +# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + # Dependencies listed in go.mod + - package-ecosystem: "gomod" + directory: "/" # Location of package manifests + schedule: + interval: "daily" + ignore: + # a regression in v1.22.2, see https://github.com/urfave/cli/issues/1092 + - dependency-name: "github.com/urfave/cli" + + # Dependencies listed in .github/workflows/*.yml + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + + # Dependencies listed in Dockerfile + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "daily"