ci: make dependabot updates monthly and bump PR limit (#6338)

It is currently only used for GitHub Actions.  The ones used in this
project rarely ever contain notable changes in their changelogs (in a
way that would cause a noticeable difference in our CI).

Also, there are weeks when most/all of the PR/commit activity is from
dependabot PRs being opened/merged.  For example, see the output of the
following command:

    git log --no-decorate --oneline 9a0db13e12..bef085035

So change the checks from weekly to monthly to reduce the noise.

Additionally, bump `open-pull-requests-limit` to 4, as it seems that we
only have 4 dependencies:

    $ git grep 'uses:' -- .github/ | sed -E 's/.*(uses: .*)@.*/\1/' |
      LC_ALL=C sort -u
    uses: actions/checkout
    uses: github/codeql-action/analyze
    uses: github/codeql-action/init
    uses: step-security/harden-runner

This should ensure that PRs can be opened against all of them when the
dependabot check is run.
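The commit message counts the distinct actions by hand and then picks the limit to match. The following is an added check, not part of the commit or the project's own tooling, that automates that comparison: it counts the distinct `uses:` targets under a repository's `.github/` the way the pipeline above does and compares the result with the `open-pull-requests-limit` of the `github-actions` block in the dependabot config. The function names and the sample workflow tree are constructed for this example.

```shell
#!/bin/sh
# Added example: verify that the github-actions open-pull-requests-limit
# in .github/dependabot.yml is at least the number of distinct actions
# referenced by the workflows. Assumes "$1" is the repository root.

# Distinct actions referenced by `uses:` lines, with the @ref stripped
# (same idea as the commit's `git grep 'uses:' | sed | sort -u`).
count_actions() {
  grep -rh 'uses: .*@' "$1/.github" \
    | sed -E 's/.*uses: *"?([^"@ ]+)"?@.*/\1/' \
    | LC_ALL=C sort -u | wc -l | tr -d ' '
}

# Limit configured for the github-actions block; Dependabot's documented
# default of 5 applies when the key is absent.
pr_limit() {
  awk '
    /package-ecosystem:/ { in_gha = ($0 ~ /github-actions/) }
    in_gha && /open-pull-requests-limit:/ { print $2; found = 1; exit }
    END { if (!found) print 5 }
  ' "$1/.github/dependabot.yml"
}

# Exit 0 when every action can get its own open PR, 1 otherwise.
check_limit() {
  n=$(count_actions "$1"); limit=$(pr_limit "$1")
  [ "$limit" -ge "$n" ]
}

# Constructed sample repository: two workflows sharing actions/checkout,
# four distinct actions in total, and a dependabot.yml using limit "$1".
make_sample() {
  d=$(mktemp -d); mkdir -p "$d/.github/workflows"
  cat > "$d/.github/workflows/ci.yml" <<'EOF'
      - uses: step-security/harden-runner@v2
      - uses: actions/checkout@v4
EOF
  cat > "$d/.github/workflows/codeql.yml" <<'EOF'
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
      - uses: github/codeql-action/analyze@v3
EOF
  cat > "$d/.github/dependabot.yml" <<EOF
updates:
  - package-ecosystem: "github-actions"
    schedule:
      interval: "monthly"
    open-pull-requests-limit: $1
EOF
  printf '%s\n' "$d"
}
```

Run `check_limit /path/to/repo` from a CI step to fail the build when a newly added action would exceed the configured limit.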
Kelvin M. Klann 2024-05-18 06:54:23 +00:00 committed by GitHub
parent 5eeaaa0e01
commit 442032c574
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

@ -3,5 +3,5 @@ updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 2
interval: "monthly"
open-pull-requests-limit: 4
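Review bot: the new `open-pull-requests-limit: 4` matches the four distinct actions counted in the commit message exactly, so it leaves no headroom; the limit caps open version-update PRs for the whole `github-actions` block, and as soon as a fifth action is introduced in any workflow (or one of the four PRs is left open across a run) Dependabot will stop opening PRs for the rest until a slot frees, which silently defeats the stated goal of covering every action. Suggest either setting the limit a little above the current count or adding a YAML comment beside `open-pull-requests-limit: 4` that it must be raised whenever a new action is added under `.github/`, so the coupling is visible to the next person editing the workflows. The hunk on this page carries no file header, so it is also worth confirming in review that this is the `.github/` dependabot config and that `interval: "monthly"` sits under `schedule:` exactly where the removed `interval: "weekly"` was.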