Skip to content

Limit Dependabot to grouped minor/major and security updates, ignore patch bumps#43

Merged
Drumm3r merged 2 commits into
mainfrom
chore-dependabot-patch-ignore
Jun 17, 2026
Merged

Limit Dependabot to grouped minor/major and security updates, ignore patch bumps#43
Drumm3r merged 2 commits into
mainfrom
chore-dependabot-patch-ignore

Conversation

@Drumm3r

@Drumm3r Drumm3r commented Jun 17, 2026

Copy link
Copy Markdown
Owner

What does this PR do?

Reduces Dependabot PR noise. Dependabot now opens one grouped weekly PR per
ecosystem
for minor/major version updates instead of a separate PR for every
patch bump. Routine patch version-updates are ignored; security updates are
unaffected and still open individually.

Related Issue

none

Changes

  • .github/dependabot.yml: add groups (*) and ignore patch
    (version-update:semver-patch) to both gradle and github-actions
    ecosystems; keep weekly schedule and open-pull-requests-limit: 5.

Screenshots

n/a: CI config only

Checklist

  • Code compiles without errors - n/a, no app code changed
  • Unit tests pass - n/a
  • Lint passes - n/a
  • New strings use stringResource() ... - n/a
  • UI changes include contentDescription - n/a
  • README updated (if adding a user-facing feature) - n/a, no user-facing change

@Drumm3r Drumm3r merged commit f9a3da7 into main Jun 17, 2026
1 check passed
@Drumm3r Drumm3r deleted the chore-dependabot-patch-ignore branch June 17, 2026 09:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant