[ANCHOR-680] Enable only security updates for Dependabot (#1344)

### Description As title. Updates on every version are causing spamming and instability Reference: [Specifying dependencies and versions to ignore](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#specifying-dependencies-and-versions-to-ignore) ### Testing - `./gradlew test`
stellar · Apr 23, 2024 · 7256673 · 7256673
1 parent 76ae0b3
commit 7256673
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -8,9 +8,13 @@ updates:
   - package-ecosystem: "gradle" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
-      interval: "weekly"
+      interval: "daily"
       time: "09:00"
       timezone: "US/Pacific"
+    # ignore all version updates but keep security updates
+    ignore:
+      - dependency-name: "*"
+        update-types: [version-update:semver-major, version-update:semver-minor, version-update:semver-patch]
     commit-message:
       prefix: "[Gradle]"
     open-pull-requests-limit: 10
@@ -23,9 +27,12 @@ updates:
   - package-ecosystem: "docker"
     directory: "/"
     schedule:
-      interval: "weekly"
+      interval: "daily"
       time: "09:00"
       timezone: "US/Pacific"
+    ignore:
+      - dependency-name: "*"
+        update-types: [ version-update:semver-major, version-update:semver-minor, version-update:semver-patch ]
     commit-message:
       prefix: "[Docker]"
     open-pull-requests-limit: 10