From 1351c62598367e90ba9a366c8a4d78812433cfad Mon Sep 17 00:00:00 2001 From: Lars Kiesow Date: Sun, 22 Jan 2023 13:55:10 +0100 Subject: [PATCH] Activate Dependabot for Server Dependencies This patch activates Dependabot to automatically submit pull requests updating the server dependencies once per month. This makes it easier to stay up-to-date with potential security problems and library bugs. This will not touch any client libraries. They are outdated and should get updates as well, but they need manual care first before we can think about a semi-automated update process. --- .github/dependabot.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..78628710 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,7 @@ +version: 2 +updates: + - package-ecosystem: npm + directory: / + schedule: + interval: monthly + time: "04:00"