From 9945c3cc1975921e22c5b717ef818f035dabd381 Mon Sep 17 00:00:00 2001 From: Claude Date: Sun, 12 Jul 2026 14:21:40 +0000 Subject: [PATCH] Update dependabot github-actions config: quarterly cadence, version-only group Switch the update schedule to quarterly and scope the actions group to version updates only (applies-to: version-updates) so security PRs remain standalone and land quickly instead of being batched. --- .github/dependabot.yml | 5 +++-- project_name/.github/dependabot.yml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8e5296d..e8bd779 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,10 +3,11 @@ updates: - package-ecosystem: "github-actions" directory: "/" schedule: - interval: "weekly" + interval: "quarterly" cooldown: default-days: 7 groups: - github-actions: + actions-version-updates: + applies-to: version-updates # keep security PRs standalone + fast patterns: - "*" diff --git a/project_name/.github/dependabot.yml b/project_name/.github/dependabot.yml index b614fc4..ac149fe 100644 --- a/project_name/.github/dependabot.yml +++ b/project_name/.github/dependabot.yml @@ -3,9 +3,10 @@ updates: - package-ecosystem: github-actions directory: / schedule: - interval: weekly + interval: quarterly cooldown: default-days: 7 groups: - github-actions: + actions-version-updates: + applies-to: version-updates # keep security PRs standalone + fast patterns: ['*']