mirror of
https://github.com/tailscale/tailscale.git
synced 2024-11-25 11:05:45 +00:00
.github/dependabot.yml: disable eager updates for Go.
Given our development cycle, we'll instead do big-bang updates after every release, to give time for all the updates to soak in unstable. This does _not_ disable dependabot security-critical PRs. Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
parent
c0701b130d
commit
9f867ad2c5
18
.github/dependabot.yml
vendored
18
.github/dependabot.yml
vendored
@ -2,13 +2,17 @@
|
|||||||
# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
|
# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
|
||||||
version: 2
|
version: 2
|
||||||
updates:
|
updates:
|
||||||
- package-ecosystem: "gomod"
|
## Disabled between releases. We reenable it briefly after every
|
||||||
directory: "/"
|
## stable release, pull in all changes, and close it again so that
|
||||||
schedule:
|
## the tree remains more stable during development and the upstream
|
||||||
interval: "daily"
|
## changes have time to soak before the next release.
|
||||||
commit-message:
|
# - package-ecosystem: "gomod"
|
||||||
prefix: "go.mod:"
|
# directory: "/"
|
||||||
open-pull-requests-limit: 100
|
# schedule:
|
||||||
|
# interval: "daily"
|
||||||
|
# commit-message:
|
||||||
|
# prefix: "go.mod:"
|
||||||
|
# open-pull-requests-limit: 100
|
||||||
- package-ecosystem: "github-actions"
|
- package-ecosystem: "github-actions"
|
||||||
directory: "/"
|
directory: "/"
|
||||||
schedule:
|
schedule:
|
||||||
|
Loading…
Reference in New Issue
Block a user