Skip to content

Add Dependabot configuration for automated dependency updates #116

Open
Open
Add Dependabot configuration for automated dependency updates#116
Labels
devopsCI/CD, deployment, toolinggood first issueGood for newcomershelp wantedExtra attention is needed
@Anuoluwapo25

Description

@Anuoluwapo25
Anuoluwapo25
opened on Mar 24, 2026

Task

Create .github/dependabot.yml so Dependabot automatically opens PRs for outdated dependencies.

Config to create

version: 2
updates:
  # npm (frontend)
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
    labels: ["dependencies"]
    open-pull-requests-limit: 5

  # Cargo (smart contracts)
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
    labels: ["dependencies", "smart-contract"]
    open-pull-requests-limit: 3

  # GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
    labels: ["dependencies", "devops"]

Acceptance Criteria

  • .github/dependabot.yml created with all 3 ecosystems
  • No existing Dependabot config conflicts
  • File is valid YAML (run python -c "import yaml; yaml.safe_load(open('.github/dependabot.yml'))" to verify)

Estimated time: 10 minutes

Metadata

Metadata

Assignees

No one assigned

    Labels

    devopsCI/CD, deployment, toolinggood first issueGood for newcomershelp wantedExtra attention is needed

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions