Skip to content

Commit 1e1f817

Browse files
lukischclaude
andcommitted
ci: add grouped security-only Dependabot config
open-pull-requests-limit: 0 disables version-update PRs; the security group bundles Dependabot security fixes per ecosystem into one PR. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_019MauCcvXYKN2n8wj8UYfcT
1 parent e3a594d commit 1e1f817

1 file changed

Lines changed: 13 additions & 0 deletions

File tree

.github/dependabot.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
# Security-only: keine version-updates (limit 0), Security-Fixes gruppiert
2+
version: 2
3+
updates:
4+
- package-ecosystem: "pip"
5+
directory: "/"
6+
schedule:
7+
interval: "weekly"
8+
open-pull-requests-limit: 0
9+
groups:
10+
security:
11+
applies-to: security-updates
12+
patterns:
13+
- "*"

0 commit comments

Comments
 (0)