Configure Dependabot for npm and GitHub Actions

noobie-bob · web-flow · commit 3a9da6ab1496 · 2025-12-17T12:26:43.000+05:30
Added configuration for npm and GitHub Actions updates.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,28 @@
+# Basic `dependabot.yml` file with
+# minimum configuration for three package managers
+
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: "npm"
+    # Look for `package.json` and `lock` files in the `root` directory
+    directory: "/"
+    # Check the npm registry for updates every day (weekdays)
+    schedule:
+      interval: "daily"
+
+  # # Enable version updates for Docker
+  # - package-ecosystem: "docker"
+  #   # Look for a `Dockerfile` in the `root` directory
+  #   directory: "/"
+  #   # Check for updates once a week
+  #   schedule:
+  #     interval: "weekly"
+
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    # Workflow files stored in the default location of `.github/workflows`
+    # You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
+    directory: "/"
+    schedule:
+      interval: "weekly"
