From 1c4eb8e6d377ce539d138fede4e691f09138c08d Mon Sep 17 00:00:00 2001 From: Joe Corall Date: Thu, 14 Nov 2024 08:36:56 -0500 Subject: [PATCH] Have dependabot run composer update for us --- .github/workflows/dependabot.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .github/workflows/dependabot.yml diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml new file mode 100644 index 00000000..ba94ea47 --- /dev/null +++ b/.github/workflows/dependabot.yml @@ -0,0 +1,18 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + versioning-strategy: increase-if-necessary + allow: + - dependency-type: "all" + commit-message: + prefix: "composer update" + include: "scope"