From 07ad27243344357d84d03196ab8df5c99de17b03 Mon Sep 17 00:00:00 2001 From: "claude[bot]" <41898282+claude[bot]@users.noreply.github.com> Date: Sun, 19 Oct 2025 18:16:20 +0000 Subject: [PATCH 1/2] feat: add Dependabot configuration for dependency updates - Configure npm ecosystem updates (weekly on Mondays) - Configure GitHub Actions updates (weekly on Mondays) - Group related dependencies (Storybook, testing, ESLint, React) - Limit open PRs to prevent overwhelming the team Closes #236 Co-authored-by: Dale Seo --- .github/dependabot.yml | 49 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..bf390bc --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,49 @@ +version: 2 +updates: + # Enable version updates for npm (compatible with Bun) + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + open-pull-requests-limit: 10 + groups: + storybook: + patterns: + - "@storybook/*" + - "storybook" + update-types: + - "minor" + - "patch" + testing: + patterns: + - "@testing-library/*" + - "vitest*" + - "@vitest/*" + update-types: + - "minor" + - "patch" + eslint: + patterns: + - "eslint*" + - "@eslint/*" + - "typescript-eslint" + update-types: + - "minor" + - "patch" + react: + patterns: + - "react" + - "react-dom" + - "@types/react*" + update-types: + - "minor" + - "patch" + + # Enable version updates for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + open-pull-requests-limit: 5 From 6b4c9f737f308b4560fe54a742a9b49b3c33bcbf Mon Sep 17 00:00:00 2001 From: Dale Seo Date: Sun, 19 Oct 2025 14:37:25 -0400 Subject: [PATCH 2/2] adjust configuration --- .github/dependabot.yml | 45 +++++++++--------------------------------- 1 file changed, 9 insertions(+), 36 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bf390bc..aa433ba 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,48 +1,21 @@ version: 2 updates: - # Enable version updates for npm (compatible with Bun) - - package-ecosystem: "npm" + - package-ecosystem: "bun" directory: "/" schedule: interval: "weekly" day: "monday" - open-pull-requests-limit: 10 + open-pull-requests-limit: 5 + cooldown: + default-days: 3 groups: - storybook: - patterns: - - "@storybook/*" - - "storybook" - update-types: - - "minor" - - "patch" - testing: - patterns: - - "@testing-library/*" - - "vitest*" - - "@vitest/*" - update-types: - - "minor" - - "patch" - eslint: - patterns: - - "eslint*" - - "@eslint/*" - - "typescript-eslint" - update-types: - - "minor" - - "patch" - react: - patterns: - - "react" - - "react-dom" - - "@types/react*" - update-types: - - "minor" - - "patch" + production-dependencies: + dependency-type: "production" + development-dependencies: + dependency-type: "development" - # Enable version updates for GitHub Actions - package-ecosystem: "github-actions" - directory: "/" + directory: "/.github/workflows" schedule: interval: "weekly" day: "monday"