ci(dependabot): limit allowed dependency-type

Add allow section with "direct" dependency-type setting to limit the level of dependencies considered for updates to only the ones listed in the project's pyproject.toml file.
acdh-oeaw · Oct 9, 2024 · 2cb3754 · 2cb3754
1 parent a252503
commit 2cb3754
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -20,6 +20,10 @@ updates:
     commit-message:
       prefix: "build"
       include: "scope"
+    allow:
+      # limit updates to direct dependencies, so dependencies of direct
+      # dependencies (like APIS Core) aren't included
+      - dependency-type: "direct"
     groups:
       apis-dependencies:
         patterns: