Skip to content

build(deps): dependabot cooldown configs / supply-chain hardening#1367

Merged
demolaf merged 1 commit into
mainfrom
chore/dependabot-cooldown
Jul 1, 2026
Merged

build(deps): dependabot cooldown configs / supply-chain hardening#1367
demolaf merged 1 commit into
mainfrom
chore/dependabot-cooldown

Conversation

@mikehardy

Copy link
Copy Markdown
Contributor

Add 7-day dependabot cooldown per ecosystem support rules: semver params for Swift and Bundler, default-days only for GitHub Actions.

Add 7-day cooldown for Swift and Bundler (with semver params) and GitHub
Actions (default-days only).

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces cooldown configurations to the Dependabot settings for various package ecosystems. The reviewer recommended simplifying the configuration by removing redundant semver-specific cooldown parameters, as they automatically fall back to the specified default-days value.

Comment thread .github/dependabot.yml
Comment thread .github/dependabot.yml
@demolaf demolaf merged commit 5b98fd5 into main Jul 1, 2026
14 checks passed
@demolaf demolaf deleted the chore/dependabot-cooldown branch July 1, 2026 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants