Group dependabot updates #289
Conversation
There was a problem hiding this comment.
Pull request overview
This PR introduces Dependabot configuration to automatically group dependency updates for the monorepo's npm packages. The configuration sets up weekly automated dependency checks for three workspace packages (docker, hooklib, and k8s), with all dependencies grouped into single pull requests per package to reduce PR noise.
Key Changes:
- Added Dependabot configuration with weekly update schedule
- Configured dependency grouping to consolidate all updates per workspace package into single PRs
- Set up monitoring for three npm workspace packages: docker, hooklib, and k8s
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| updates: | ||
| # Group updates into a single PR per workspace package | ||
| - package-ecosystem: npm | ||
| directory: "/packages/docker" | ||
| schedule: | ||
| interval: weekly | ||
| groups: | ||
| all-dependencies: | ||
| patterns: | ||
| - "*" | ||
| - package-ecosystem: npm | ||
| directory: "/packages/hooklib" | ||
| schedule: | ||
| interval: weekly | ||
| groups: | ||
| all-dependencies: | ||
| patterns: | ||
| - "*" | ||
| - package-ecosystem: npm | ||
| directory: "/packages/k8s" | ||
| schedule: | ||
| interval: weekly | ||
| groups: | ||
| all-dependencies: | ||
| patterns: | ||
| - "*" |
There was a problem hiding this comment.
The Dependabot configuration is missing an entry for the root directory ("/"). The root package.json contains multiple dependencies and devDependencies (such as eslint, prettier, typescript, @types packages, etc.) that should also be monitored for updates. Consider adding a configuration block for the root directory:
- package-ecosystem: npm
directory: "/"
schedule:
interval: weekly
groups:
all-dependencies:
patterns:
- "*"
No description provided.