Add in dependabot security scanning/updates (#2743)

2025-12-15 22:47:01 +00:00 · 2023-08-10 08:54:21 -04:00
parent e752edf7b5
commit 765a5c3efc
1 changed files with 20 additions and 0 deletions
--- a/dependabot.yml
+++ b/dependabot.yml
@@ -0,0 +1,20 @@
+version: 2
+updates:
+- package-ecosystem: "docker"
+  directory: "/images"
+  schedule:
+    interval: "daily" 
+  target-branch: "main" 
+- package-ecosystem: "nuget"
+  directory: "/src"
+  schedule:
+    interval: "daily" 
+  target-branch: "main" 
+- package-ecosystem: "npm"
+  directory: "/src/Misc/expressionFunc/hashFiles"
+  schedule:
+    interval: "daily" 
+  target-branch: "main" 
+  allow:
+  - dependency-type: direct
+  - dependency-type: production # check only dependencies, which are going to the compiled app, not supporting tools like @vue-cli