.github/dependabot.yml from trufflesuite/truffle

.github/dependabot.yml

Summary

Maintainability

Test Coverage

Issues
Source
Stats

Issues

# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
  - package-ecosystem: "npm" # this section is for version update PRs
    directory: "/" # Location of package manifests
    schedule:
      interval: "daily"
    allow:
      - dependency-name: "ganache"
    reviewers:
      - "trufflesuite/truffle-core-devs"
  - package-ecosystem: "npm" # this section is for security update PRs
    directory: "./" # Location of package manifests
    schedule:
      interval: "weekly"
    # Disable version updates for npm dependencies
    # see https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#overriding-the-default-behavior-with-a-configuration-file
    open-pull-requests-limit: 0