From 2cb37545a5051afda72a3fc968a642aabdcaead2 Mon Sep 17 00:00:00 2001 From: KK Date: Wed, 9 Oct 2024 18:17:52 +0200 Subject: [PATCH] ci(dependabot): limit allowed dependency-type Add allow section with "direct" dependency-type setting to limit the level of dependencies considered for updates to only the ones listed in the project's pyproject.toml file. --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 76166b0..528ea30 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -20,6 +20,10 @@ updates: commit-message: prefix: "build" include: "scope" + allow: + # limit updates to direct dependencies, so dependencies of direct + # dependencies (like APIS Core) aren't included + - dependency-type: "direct" groups: apis-dependencies: patterns: