PrivateBin/.github/dependabot.yml
rugk 3c8c32fbcb
Add/enable Dependabot to keep dependencies up-to-date
Enabled update checking via Dependabot for
* GitHub Actions for updates or in case you are going to use that (just my default)
* PHP aka Composer

We successfully use it [for our Docker container](https://github.com/PrivateBin/docker-nginx-fpm-alpine/blob/master/.github/dependabot.yml) and IMHO that has worked quite well, so IMHO, we can also use it here now.
2022-06-09 23:42:03 +02:00

15 lines
578 B
YAML

version: 2
updates:
# Maintain dependencies for GitHub Actions
# src: https://github.com/marketplace/actions/build-and-push-docker-images#keep-up-to-date-with-github-dependabot
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
# Also keep PHP (Composer) dependencies up-to-date
# see: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
- package-ecosystem: "composer"
directory: "/"
schedule:
interval: "daily"