From b9c75c19f51ba045329f20e5d192045d855e1748 Mon Sep 17 00:00:00 2001 From: tmustier Date: Thu, 7 May 2026 17:08:18 +0100 Subject: [PATCH] Fix overlapping Dependabot npm config --- .github/dependabot.yml | 36 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index fd32bd06..9681f57d 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,17 +1,18 @@ version: 2 updates: - # Keep Pi packages in lockstep, but reduce update churn from daily patch releases. + # Keep npm dependencies fresh (security + bugfixes). + # Dependabot only allows one npm update config per directory/target-branch, so + # Pi stack grouping and general npm grouping must live in the same entry. - package-ecosystem: "npm" directory: "/" schedule: - interval: "weekly" - day: "monday" - open-pull-requests-limit: 5 - allow: - - dependency-name: "@earendil-works/pi-ai" - - dependency-name: "@earendil-works/pi-web-ui" - - dependency-name: "@earendil-works/pi-agent-core" + interval: "daily" + open-pull-requests-limit: 10 + ignore: + - dependency-name: "eslint" + update-types: + - "version-update:semver-major" groups: pi-stack: patterns: @@ -21,24 +22,13 @@ updates: update-types: - "minor" - "patch" - - # Keep other npm dependencies fresh (security + bugfixes). - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - open-pull-requests-limit: 10 - ignore: - - dependency-name: "eslint" - update-types: - - "version-update:semver-major" - - dependency-name: "@earendil-works/pi-ai" - - dependency-name: "@earendil-works/pi-web-ui" - - dependency-name: "@earendil-works/pi-agent-core" - groups: npm-minor-and-patch: patterns: - "*" + exclude-patterns: + - "@earendil-works/pi-ai" + - "@earendil-works/pi-web-ui" + - "@earendil-works/pi-agent-core" update-types: - "minor" - "patch"