OpenFrontIO/.github/dependabot.yml

# Update schedule for GitHub Actions https://docs.github.com/en/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/keeping-your-actions-up-to-date-with-dependabot

version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "monthly"
    groups:
      updates:
        applies-to: version-updates
        patterns: ["*"] # wildcard, needs brackets as bugfix apparently
      security:
        applies-to: security-updates
        patterns: ["*"]
  - package-ecosystem: "gomod"
    directory: "/map-generator"
    schedule:
      interval: "monthly"
    open-pull-requests-limit: 0 # exclude version updates
    groups:
      golang:
        applies-to: security-updates
        patterns: ["*"]