hazza/dspace-angular
1
0
Fork 1
mirror of https://github.com/DSpace/dspace-angular.git synced 2025-10-07 01:54:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
813f9ba23f5a562c7055b8285082bd204b18a9eb
dspace-angular/.github/dependabot.yml
Tim Donohue 813f9ba23f Merge pull request #4483 from alanorth/dependabot-typescript 
.github/dependabot.yml: adjust rules for typescript
2025-07-29 09:28:54 -05:00

443 lines
12 KiB
YAML
Raw Blame History

#-------------------
# DSpace's dependabot rules. Enables npm updates for all dependencies on a weekly basis
# for main and any maintenance branches. Security updates only apply to main.
#-------------------
version: 2
updates:
###############
## Main branch
###############
# NOTE: At this time, "security-updates" rules only apply if "target-branch" is unspecified
# So, only this first section can include "applies-to: security-updates"
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
time: "05:00"
# Allow up to 10 open PRs for dependencies
open-pull-requests-limit: 10
# Group together Angular package upgrades
groups:
# Group together all minor/patch version updates for Angular in a single PR
angular:
applies-to: version-updates
patterns:
- "@angular*"
- "@ngtools/webpack"
update-types:
- "minor"
- "patch"
# Group together all security updates for Angular. Only accept minor/patch types.
angular-security:
applies-to: security-updates
patterns:
- "@angular*"
- "@ngtools/webpack"
update-types:
- "minor"
- "patch"
# Group together all minor/patch version updates for NgRx in a single PR
ngrx:
applies-to: version-updates
patterns:
- "@ngrx*"
update-types:
- "minor"
- "patch"
# Group together all security updates for NgRx. Only accept minor/patch types.
ngrx-security:
applies-to: security-updates
patterns:
- "@ngrx*"
update-types:
- "minor"
- "patch"
# Group together all patch version updates for eslint in a single PR
eslint:
applies-to: version-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together all security updates for eslint.
eslint-security:
applies-to: security-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together any testing related version updates
testing:
applies-to: version-updates
patterns:
- "@cypress*"
- "axe-*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any testing related security updates
testing-security:
applies-to: security-updates
patterns:
- "@cypress*"
- "axe-*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any postcss related version updates
postcss:
applies-to: version-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any postcss related security updates
postcss-security:
applies-to: security-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any sass related version updates
sass:
applies-to: version-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
# Group together any sass related security updates
sass-security:
applies-to: security-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
# Group together any webpack related version updates
webpack:
applies-to: version-updates
patterns:
- "webpack*"
update-types:
- "minor"
- "patch"
# Group together any webpack related seurity updates
webpack-security:
applies-to: security-updates
patterns:
- "webpack*"
update-types:
- "minor"
- "patch"
# Restrict zone.js updates to patch level to avoid dependency conflicts with @angular/core
zonejs:
applies-to: version-updates
patterns:
- "zone.js"
update-types:
- "patch"
# Restrict typescript updates to patch level because that's what our package.json says
typescript:
applies-to: version-updates
patterns:
- "typescript"
update-types:
- "patch"
ignore:
# Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
- dependency-name: "*"
update-types: ["version-update:semver-major"]
#####################
## dspace-9_x branch
#####################
- package-ecosystem: "npm"
directory: "/"
target-branch: dspace-9_x
schedule:
interval: "weekly"
time: "05:00"
# Allow up to 10 open PRs for dependencies
open-pull-requests-limit: 10
# Group together Angular package upgrades
groups:
# Group together all patch version updates for Angular in a single PR
angular:
applies-to: version-updates
patterns:
- "@angular*"
- "@ngtools/webpack"
update-types:
- "minor"
- "patch"
# Group together all minor/patch version updates for NgRx in a single PR
ngrx:
applies-to: version-updates
patterns:
- "@ngrx*"
- "@ngtools/webpack"
update-types:
- "minor"
- "patch"
# Group together all patch version updates for eslint in a single PR
eslint:
applies-to: version-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together any testing related version updates
testing:
applies-to: version-updates
patterns:
- "@cypress*"
- "axe-*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any postcss related version updates
postcss:
applies-to: version-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any sass related version updates
sass:
applies-to: version-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
# Group together any webpack related version updates
webpack:
applies-to: version-updates
patterns:
- "webpack*"
update-types:
- "minor"
- "patch"
# Restrict zone.js updates to patch level to avoid dependency conflicts with @angular/core
zonejs:
applies-to: version-updates
patterns:
- "zone.js"
update-types:
- "patch"
# Restrict typescript updates to patch level because that's what our package.json says
typescript:
applies-to: version-updates
patterns:
- "typescript"
update-types:
- "patch"
ignore:
# Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
- dependency-name: "*"
update-types: ["version-update:semver-major"]
#####################
## dspace-8_x branch
#####################
- package-ecosystem: "npm"
directory: "/"
target-branch: dspace-8_x
schedule:
interval: "weekly"
time: "05:00"
# Allow up to 10 open PRs for dependencies
open-pull-requests-limit: 10
# Group together Angular package upgrades
groups:
# Group together all patch version updates for Angular in a single PR
angular:
applies-to: version-updates
patterns:
- "@angular*"
- "@ngtools/webpack"
update-types:
- "minor"
- "patch"
# Group together all minor/patch version updates for NgRx in a single PR
ngrx:
applies-to: version-updates
patterns:
- "@ngrx*"
update-types:
- "minor"
- "patch"
# Group together all patch version updates for eslint in a single PR
eslint:
applies-to: version-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together any testing related version updates
testing:
applies-to: version-updates
patterns:
- "@cypress*"
- "axe-*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any postcss related version updates
postcss:
applies-to: version-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any sass related version updates
sass:
applies-to: version-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
# Group together any webpack related version updates
webpack:
applies-to: version-updates
patterns:
- "webpack*"
update-types:
- "minor"
- "patch"
# Restrict zone.js updates to patch level to avoid dependency conflicts with @angular/core
zonejs:
applies-to: version-updates
patterns:
- "zone.js"
update-types:
- "patch"
# Restrict typescript updates to patch level because that's what our package.json says
typescript:
applies-to: version-updates
patterns:
- "typescript"
update-types:
- "patch"
ignore:
# Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
- dependency-name: "*"
update-types: ["version-update:semver-major"]
#####################
## dspace-7_x branch
#####################
- package-ecosystem: "npm"
directory: "/"
target-branch: dspace-7_x
schedule:
interval: "weekly"
time: "05:00"
# Allow up to 10 open PRs for dependencies
open-pull-requests-limit: 10
# Group together Angular package upgrades
groups:
# Group together all minor/patch version updates for Angular in a single PR
angular:
applies-to: version-updates
patterns:
- "@angular*"
- "@ngtools/webpack"
update-types:
- "minor"
- "patch"
# Group together all minor/patch version updates for NgRx in a single PR
ngrx:
applies-to: version-updates
patterns:
- "@ngrx*"
update-types:
- "minor"
- "patch"
# Group together all patch version updates for eslint in a single PR
eslint:
applies-to: version-updates
patterns:
- "@typescript-eslint*"
- "eslint*"
update-types:
- "minor"
- "patch"
# Group together any testing related version updates
testing:
applies-to: version-updates
patterns:
- "@cypress*"
- "axe-*"
- "cypress*"
- "jasmine*"
- "karma*"
- "ng-mocks"
update-types:
- "minor"
- "patch"
# Group together any postcss related version updates
postcss:
applies-to: version-updates
patterns:
- "postcss*"
update-types:
- "minor"
- "patch"
# Group together any sass related version updates
sass:
applies-to: version-updates
patterns:
- "sass*"
update-types:
- "minor"
- "patch"
# Restrict zone.js updates to patch level to avoid dependency conflicts with @angular/core
zonejs:
applies-to: version-updates
patterns:
- "zone.js"
update-types:
- "patch"
# Restrict typescript updates to patch level because that's what our package.json says
typescript:
applies-to: version-updates
patterns:
- "typescript"
update-types:
- "patch"
ignore:
# 7.x Cannot update Webpack past v5.76.1 as later versions not supported by Angular 15
# See also https://github.com/DSpace/dspace-angular/pull/3283#issuecomment-2372488489
- dependency-name: "webpack"
# Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
- dependency-name: "*"
update-types: ["version-update:semver-major"]
Reference in New Issue View Git Blame Copy Permalink