From ae3bc559f98e68983df0a4b223dad7afeb6eee2c Mon Sep 17 00:00:00 2001 From: Michael Kubacki Date: Thu, 10 Nov 2022 07:26:23 -0500 Subject: [PATCH] .github/dependabot.yml: Enable dependabot Enables dependabot in this repo so we can better alerted when dependency updates are available. This GitHub action will automatically create pull requests and summarize the dependency details. Because it is a pull request, the CI system will validate the dependency update in the pull request. Configures dependabot for: 1. PIP module updates 2. GitHub action updates The maintainers/reviewers of the .github directory were added as pull request reviewers so they can be notified when the pull request is available. Note to Maintainers: After this change is committed, PRs from dependabot will be automatically created in the edk2 repo. Never set the 'push' label directly on these PRs. If a dependency identified by dependedabot looks like one that should be updated in the edk2 repo, then copy the PR generated by dependabot to your personal fork and update the commit message to follow the edk2 commit message requirements and send as a normal code review. Cc: Sean Brogan Cc: Michael D Kinney Signed-off-by: Michael Kubacki Reviewed-by: Michael D Kinney Reviewed-by: Sean Brogan --- .github/dependabot.yml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..b4e0b93b16 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,34 @@ +## @file +# Dependabot configuration file to enable GitHub services for managing and updating +# dependencies. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +## +version: 2 +updates: + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + commit-message: + prefix: "pip" + reviewers: + - "makubacki" + - "mdkinney" + - "spbrogan" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + commit-message: + prefix: "GitHub Action" + reviewers: + - "makubacki" + - "mdkinney" + - "spbrogan"