Add python dependabot configs for our various roots, set freq to week…

…ly for all add browser team to actions updates reviewers also limit actions updates to security vulnerabilities dependabot docs say pip-compile but this wants pip fix comment wrt daily/weekly
broadinstitute · May 31, 2024 · 309ad4e · 309ad4e
1 parent 937a2d2
commit 309ad4e
Showing 1 changed file with 41 additions and 7 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,14 +1,48 @@
-#  - Disables non-security update PRs
-#  - Schedules security update PRs daily
+#  - Disables non-security update PRs (by setting pull requests limit to 0)
+#  - Schedules security update PRs weekly
 #  - Auto assigns PRs to the gnomad-browser team
 
 version: 2
 updates:
-  - package-ecosystem: "npm"
-    directory: "/"
+  - package-ecosystem: 'npm'
+    directory: '/'
     schedule:
-      interval: "daily"
-    # Disable version updates for npm dependencies
+      interval: 'weekly'
     open-pull-requests-limit: 0
     reviewers:
-      - "broadinstitute/gnomad-browser"
+      - 'broadinstitute/gnomad-browser'
+  - package-ecosystem: 'pip'
+    directory: '/deploy/dockerfiles/blog'
+    schedule:
+      interval: 'weekly'
+    open-pull-requests-limit: 0
+    reviewers:
+      - 'broadinstitute/gnomad-browser'
+  - package-ecosystem: 'pip'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+    open-pull-requests-limit: 0
+    reviewers:
+      - 'broadinstitute/gnomad-browser'
+  - package-ecosystem: 'pip'
+    directory: '/deploy/deployctl'
+    schedule:
+      interval: 'weekly'
+    open-pull-requests-limit: 0
+    reviewers:
+      - 'broadinstitute/gnomad-browser'
+  - package-ecosystem: 'pip'
+    directory: '/data-pipeline'
+    schedule:
+      interval: 'weekly'
+    open-pull-requests-limit: 0
+    reviewers:
+      - 'broadinstitute/gnomad-browser'
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+    open-pull-requests-limit: 0
+    reviewers:
+      - 'broadinstitute/gnomad-browser'