Skip to content

Commit

Permalink
Add Dependabot config (#343)
Browse files Browse the repository at this point in the history 
This config will direct Dependabot to update the minimum version of any
internal dependencies to match the latest publish version.

Since this is a library, there's no particular need for us to update
our dependencies when new versions are released that are within the
current range. However, it is still convenient. We often want to
require updates because they bring in bug fixes or other improvements,
and this makes updating lockfiles in each product easier (as Yarn will
keep the old version of the library in the lockfile if it can, which
requires manual intervention to prevent).
  • Loading branch information
@Gudahtt @MajorLift
Gudahtt authored and MajorLift committed Oct 11, 2023
1 parent 1c6507d commit c4996b2
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
allow:
- dependency-name: "@metamask/*"
versioning-strategy: "increase"

0 comments on commit c4996b2

Please sign in to comment.