Skip to content

chore: normalize dependabot config#362

Merged
RichardSlater merged 1 commit into
mainfrom
chore/normalize-dependabot
May 27, 2026
Merged

chore: normalize dependabot config#362
RichardSlater merged 1 commit into
mainfrom
chore/normalize-dependabot

Conversation

@RichardSlater

Copy link
Copy Markdown

Summary

  • normalize .github/dependabot.yml to the team default schedule and metadata
  • add grouped low-risk Maven updates with cooldown
  • remove disabled rebasing and reduce the open PR limit

Validation

  • bash .github/skills/normalize-dependabot-config/scripts/validate-dependabot-schema.sh .github/dependabot.yml

Copilot AI review requested due to automatic review settings May 27, 2026 09:31

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR normalizes the repository’s Dependabot configuration to align with the team’s standard schedule/metadata and to reduce update noise for this Maven parent POM.

Changes:

  • Standardize the weekly schedule (explicit time + UTC timezone) and reduce the open PR limit.
  • Add default PR metadata (reviewers, labels, commit message prefix) and remove the disabled rebase strategy.
  • Introduce a “low-risk” group for minor/patch Maven updates and add a cooldown window.

Comment thread .github/dependabot.yml
@sonarqubecloud

Copy link
Copy Markdown

@RichardSlater RichardSlater self-assigned this May 27, 2026
@RichardSlater RichardSlater added the dependencies Pull requests that update a dependency file label May 27, 2026
@RichardSlater RichardSlater enabled auto-merge (squash) May 27, 2026 09:57
@RichardSlater RichardSlater merged commit a36da50 into main May 27, 2026
3 checks passed
@RichardSlater RichardSlater deleted the chore/normalize-dependabot branch May 27, 2026 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants