From 20ef3b0cbdb85b7db9534a737e2c6b36c7176ebe Mon Sep 17 00:00:00 2001 From: Francis6-git Date: Sun, 29 Mar 2026 21:10:35 +0100 Subject: [PATCH] chore: configure Dependabot for Rust and npm ecosystems --- .github/dependabot.yml | 43 +++++++++++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 11 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 291c225..cc15256 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,22 +1,26 @@ version: 2 updates: - # 1. GitHub Actions infrastructure + # 1. GitHub Actions (CI/CD workflows) - package-ecosystem: "github-actions" directory: "/" schedule: interval: "weekly" - groups: - actions-updates: - patterns: - - "*" + labels: + - "automation" + - "maintenance" - # 2. Rust Smart Contract + # 2. Rust Smart Contract (Soroban) + # Matches your strict security requirements in deny.toml - package-ecosystem: "cargo" directory: "/contract" schedule: interval: "weekly" + labels: + - "dependencies" + - "smart-contract" + - "security" groups: - contract-dependencies: + contract-deps: patterns: - "*" @@ -25,17 +29,34 @@ updates: directory: "/keeper" schedule: interval: "weekly" + labels: + - "dependencies" + - "keeper" + - "backend" groups: - keeper-dependencies: + keeper-deps: patterns: - "*" - # 4. Next.js Frontend + # 4. Next.js Frontend Dashboard - package-ecosystem: "npm" directory: "/frontend" schedule: interval: "weekly" + labels: + - "dependencies" + - "frontend" + - "ui" groups: - frontend-dependencies: + frontend-deps: patterns: - - "*" \ No newline at end of file + - "*" + + # 5. Root Project (Monorepo Tooling: Husky/Lint-staged) + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + labels: + - "maintenance" + - "dx" # Developer Experience