minor #547 Upgrade to GitHub-native Dependabot (dependabot-preview[bot])

This PR was merged into the 1.10 branch. Discussion ---------- _Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then._ Dependabot has been fully integrated into GitHub, so you no longer have to install and manage a separate app. This pull request migrates your configuration from Dependabot.com to a config file, using the [new syntax][new_syntax]. When merged, we'll swap out `dependabot-preview` (me) for a new `dependabot` app, and you'll be all set! With this change, you'll now use the [Dependabot page in GitHub][dependabot_page], rather than the [Dependabot dashboard][dashboard], to monitor your version updates, and you'll configure Dependabot through the new config file rather than a UI. If you've got any questions or feedback for us, please let us know by creating an issue in the [dependabot/dependabot-core][issues] repository. [Learn more about migrating to GitHub-native Dependabot][learn] Please note that regular `@dependabot` commands do not work on this pull request. [dashboard]: https://app.dependabot.com/ [dependabot_page]: https://github.com/Sylius/Sylius-Standard/network/updates [issues]: https://github.com/dependabot/dependabot-core/issues/new?assignees=%40dependabot%2Fpreview-migration-reviewers&labels=E%3A+preview-migration&template=migration-issue.md [learn]: http://docs.github.com/code-security/supply-chain-security/upgrading-from-dependabotcom-to-github-native-dependabot [new_syntax]: https://help.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates [org_secrets_url]: https://github.com/organizations/Sylius/settings/secrets/dependabot [repo_secrets_url]: https://github.com/Sylius/Sylius-Standard/settings/secrets/dependabot Commits ------- 5650aa3 Upgrade to GitHub-native Dependabot
Sylius · Dec 30, 2021 · ed7cfbe · ed7cfbe
2 parents a969d2a + 5650aa3
commit ed7cfbe
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,34 @@
+version: 2
+updates:
+- package-ecosystem: composer
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "10:00"
+  open-pull-requests-limit: 10
+  ignore:
+  - dependency-name: stripe/stripe-php
+    versions:
+    - 7.69.0
+    - 7.70.0
+    - 7.72.0
+    - 7.73.0
+    - 7.74.0
+    - 7.75.0
+    - 7.76.0
+  - dependency-name: sylius-labs/coding-standard
+    versions:
+    - 4.0.1
+  - dependency-name: sylius/sylius
+    versions:
+    - 1.9.0
+  - dependency-name: phpstan/phpstan
+    versions:
+    - 0.12.70
+    - 0.12.71
+    - 0.12.73
+  - dependency-name: phpstan/phpstan-webmozart-assert
+    versions:
+    - 0.12.10
+    - 0.12.11
+    - 0.12.9