hazza/dspace-angular
1
0
Fork 1
mirror of https://github.com/DSpace/dspace-angular.git synced 2025-10-07 01:54:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug in dependabot.yml "security-updates" settings

Browse Source 
"security-updates" configs can only be in sections where there is no "target-branch". This is because they only apply to the primary branch.
This commit is contained in:
Tim Donohue
2024-10-23 11:31:16 -05:00
committed by GitHub
parent c7497cdf4e
commit 92ee89e8e5
1 changed files with 6 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
.github/dependabot.yml vendored
View File

@@ -1,12 +1,16 @@
# Enable Dependabot NPM updates for all dependencies on a weekly basis #-------------------
# DSpace's dependabot rules. Enables npm updates for all dependencies on a weekly basis
# for main and any maintenance branches. Security updates only apply to main.
#-------------------
version: 2 version: 2
updates: updates:
############### ###############
## Main branch ## Main branch
############### ###############
# NOTE: At this time, "security-updates" rules only apply if "target-branch" is unspecified
# So, only this first section can include "applies-to: security-updates"
- package-ecosystem: "npm" - package-ecosystem: "npm"
directory: "/" directory: "/"
target-branch: main
schedule: schedule:
interval: "weekly" interval: "weekly"
# Allow up to 10 open PRs for dependencies # Allow up to 10 open PRs for dependencies
@@ -159,14 +163,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together all security updates for Angular. Only accept minor/patch types.
angular-security:
applies-to: security-updates
patterns:
- "@angular*"
update-types:
- "minor"
- "patch"
# Group together all minor/patch version updates for NgRx in a single PR # Group together all minor/patch version updates for NgRx in a single PR
ngrx: ngrx:
applies-to: version-updates applies-to: version-updates
@@ -175,14 +171,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together all security updates for NgRx. Only accept minor/patch types.
ngrx-security:
applies-to: security-updates
patterns:
- "@ngrx*"
update-types:
- "minor"
- "patch"
# Group together all patch version updates for eslint in a single PR # Group together all patch version updates for eslint in a single PR
eslint: eslint:
applies-to: version-updates applies-to: version-updates
@@ -192,15 +180,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together all security updates for eslint.
eslint-security:
applies-to: security-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together any testing related version updates # Group together any testing related version updates
testing: testing:
applies-to: version-updates applies-to: version-updates
@@ -213,18 +192,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together any testing related security updates
testing:
applies-to: security-updates
patterns:
- "@cypress*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any postcss related version updates # Group together any postcss related version updates
postcss: postcss:
applies-to: version-updates applies-to: version-updates
@@ -233,23 +200,7 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together any postcss related security updates
postcss:
applies-to: security-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any sass related version updates # Group together any sass related version updates
sass:
applies-to: version-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
# Group together any sass related security updates
sass: sass:
applies-to: version-updates applies-to: version-updates
patterns: patterns:
@@ -265,14 +216,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together any webpack related seurity updates
webpack:
applies-to: security-updates
patterns:
- "webpack*"
update-types:
- "minor"
- "patch"
ignore: ignore:
# Ignore all major version updates for all dependencies. We'll only automate minor/patch updates. # Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
- dependency-name: "*" - dependency-name: "*"
@@ -297,14 +240,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together all security updates for Angular. Only accept minor/patch types.
angular-security:
applies-to: security-updates
patterns:
- "@angular*"
update-types:
- "minor"
- "patch"
# Group together all minor/patch version updates for NgRx in a single PR # Group together all minor/patch version updates for NgRx in a single PR
ngrx: ngrx:
applies-to: version-updates applies-to: version-updates
@@ -313,14 +248,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together all security updates for NgRx. Only accept minor/patch types.
ngrx-security:
applies-to: security-updates
patterns:
- "@ngrx*"
update-types:
- "minor"
- "patch"
# Group together all patch version updates for eslint in a single PR # Group together all patch version updates for eslint in a single PR
eslint: eslint:
applies-to: version-updates applies-to: version-updates
@@ -330,15 +257,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together all security updates for eslint.
eslint-security:
applies-to: security-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together any testing related version updates # Group together any testing related version updates
testing: testing:
applies-to: version-updates applies-to: version-updates
@@ -351,18 +269,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together any testing related security updates
testing:
applies-to: security-updates
patterns:
- "@cypress*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any postcss related version updates # Group together any postcss related version updates
postcss: postcss:
applies-to: version-updates applies-to: version-updates
@@ -371,14 +277,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together any postcss related security updates
postcss:
applies-to: security-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any sass related version updates # Group together any sass related version updates
sass: sass:
applies-to: version-updates applies-to: version-updates
@@ -387,14 +285,6 @@ updates:
update-types: update-types:
- "minor" - "minor"
- "patch" - "patch"
# Group together any sass related security updates
sass:
applies-to: version-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
ignore: ignore:
# 7.x Cannot update Webpack past v5.76.1 as later versions not supported by Angular 15 # 7.x Cannot update Webpack past v5.76.1 as later versions not supported by Angular 15
# See also https://github.com/DSpace/dspace-angular/pull/3283#issuecomment-2372488489 # See also https://github.com/DSpace/dspace-angular/pull/3283#issuecomment-2372488489