From 2ee68323d5acb8833a7826f5378825430d227bcb Mon Sep 17 00:00:00 2001
From: Tim Donohue <tim.donohue@lyrasis.org>
Date: Wed, 30 Jul 2025 11:53:04 -0500
Subject: [PATCH] Update dependabot to run monthly

---
 .github/dependabot.yml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 4773fbedab..5ad56e2954 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -11,8 +11,9 @@ updates:
   # So, only this first section can include "applies-to: security-updates"
   - package-ecosystem: "npm"
     directory: "/"
+    # Monthly dependency updates (NOTE: "schedule" doesn't apply to security updates)
     schedule:
-      interval: "weekly"
+      interval: "monthly"
       time: "05:00"
     # Allow up to 10 open PRs for dependencies
     open-pull-requests-limit: 10
@@ -169,7 +170,7 @@ updates:
     directory: "/"
     target-branch: dspace-9_x
     schedule:
-      interval: "weekly"
+      interval: "monthly"
       time: "05:00"
     # Allow up to 10 open PRs for dependencies
     open-pull-requests-limit: 10
@@ -264,7 +265,7 @@ updates:
     directory: "/"
     target-branch: dspace-8_x
     schedule:
-      interval: "weekly"
+      interval: "monthly"
       time: "05:00"
     # Allow up to 10 open PRs for dependencies
     open-pull-requests-limit: 10
@@ -358,7 +359,7 @@ updates:
     directory: "/"
     target-branch: dspace-7_x
     schedule:
-      interval: "weekly"
+      interval: "monthly"
       time: "05:00"
     # Allow up to 10 open PRs for dependencies
     open-pull-requests-limit: 10