From 1142716fa49b1105cc88c57a7ace21c3f56fb90c Mon Sep 17 00:00:00 2001
From: Doug Lance <4741454+douglance@users.noreply.github.com>
Date: Wed, 14 May 2025 16:54:25 -0400
Subject: [PATCH 1/4] chore: adds dependabot.yml

---
 .github/workflows/dependabot.yml | 66 ++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)
 create mode 100644 .github/workflows/dependabot.yml

diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 000000000..f06713e9f
--- /dev/null
+++ b/.github/workflows/dependabot.yml
@@ -0,0 +1,66 @@
+version: 2
+updates:
+  # Root package.json
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-name: "@arbitrum/*"
+      - dependency-name: "@offchainlabs/*"
+    versioning-strategy: increase-if-necessary
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+    groups:
+      internal-dependencies:
+        patterns:
+          - "@arbitrum/*"
+          - "@offchainlabs/*"
+    reviewers:
+      - "OffchainLabs/full-stack"
+    labels:
+      - "dependencies"
+
+  # Monorepo packages
+  - package-ecosystem: "npm"
+    directory: "/packages/sdk"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-name: "@arbitrum/*"
+      - dependency-name: "@offchainlabs/*"
+    versioning-strategy: increase-if-necessary
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+    groups:
+      internal-dependencies:
+        patterns:
+          - "@arbitrum/*"
+          - "@offchainlabs/*"
+    reviewers:
+      - "OffchainLabs/full-stack"
+    labels:
+      - "dependencies"
+
+  - package-ecosystem: "npm"
+    directory: "/packages/ethers-viem-compat"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-name: "@arbitrum/*"
+      - dependency-name: "@offchainlabs/*"
+    versioning-strategy: increase-if-necessary
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+    groups:
+      internal-dependencies:
+        patterns:
+          - "@arbitrum/*"
+          - "@offchainlabs/*"
+    reviewers:
+      - "OffchainLabs/full-stack"
+    labels:
+      - "dependencies" 
\ No newline at end of file

From 8b52500611c91a82ced0466b222d62cc7b1045ff Mon Sep 17 00:00:00 2001
From: Doug Lance <4741454+douglance@users.noreply.github.com>
Date: Fri, 16 May 2025 12:26:08 -0400
Subject: [PATCH 2/4] update based on orbitsdk learning

---
 .github/dependabot.yml           | 40 +++++++++++++++++++
 .github/workflows/dependabot.yml | 66 --------------------------------
 2 files changed, 40 insertions(+), 66 deletions(-)
 create mode 100644 .github/dependabot.yml
 delete mode 100644 .github/workflows/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..2a9cbe247
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,40 @@
+version: 2
+updates:
+  # ===  Internal dependencies ===
+  - package-ecosystem: 'npm'
+    directories:
+      - '/'
+      - '/packages/*'
+    schedule:
+      interval: 'daily'
+    allow:
+      - dependency-name: '@arbitrum/*'
+      - dependency-name: '@offchainlabs/*'
+    versioning-strategy: increase-if-necessary
+    ignore: # ignore patch updates
+      - dependency-name: '*'
+        update-types: ['version-update:semver-patch']
+    reviewers:
+      - 'OffchainLabs/full-stack'
+    labels:
+      - 'dependencies'
+      - 'internal'
+
+  # ===  External dependencies ===
+  - package-ecosystem: 'npm'
+    directories:
+      - '/'
+      - '/packages/*'
+    schedule:
+      interval: 'daily'
+    ignore: # exclude internal dependencies
+      - dependency-name: '@arbitrum/*'
+      - dependency-name: '@offchainlabs/*'
+    # For all other (external) dependencies not caught by the ignore above,
+    # disable version updates, allowing only security updates.
+    open-pull-requests-limit: 0
+    reviewers:
+      - 'OffchainLabs/full-stack'
+    labels:
+      - 'dependencies'
+      - 'external'
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
deleted file mode 100644
index f06713e9f..000000000
--- a/.github/workflows/dependabot.yml
+++ /dev/null
@@ -1,66 +0,0 @@
-version: 2
-updates:
-  # Root package.json
-  - package-ecosystem: "npm"
-    directory: "/"
-    schedule:
-      interval: "daily"
-    allow:
-      - dependency-name: "@arbitrum/*"
-      - dependency-name: "@offchainlabs/*"
-    versioning-strategy: increase-if-necessary
-    ignore:
-      - dependency-name: "*"
-        update-types: ["version-update:semver-patch"]
-    groups:
-      internal-dependencies:
-        patterns:
-          - "@arbitrum/*"
-          - "@offchainlabs/*"
-    reviewers:
-      - "OffchainLabs/full-stack"
-    labels:
-      - "dependencies"
-
-  # Monorepo packages
-  - package-ecosystem: "npm"
-    directory: "/packages/sdk"
-    schedule:
-      interval: "daily"
-    allow:
-      - dependency-name: "@arbitrum/*"
-      - dependency-name: "@offchainlabs/*"
-    versioning-strategy: increase-if-necessary
-    ignore:
-      - dependency-name: "*"
-        update-types: ["version-update:semver-patch"]
-    groups:
-      internal-dependencies:
-        patterns:
-          - "@arbitrum/*"
-          - "@offchainlabs/*"
-    reviewers:
-      - "OffchainLabs/full-stack"
-    labels:
-      - "dependencies"
-
-  - package-ecosystem: "npm"
-    directory: "/packages/ethers-viem-compat"
-    schedule:
-      interval: "daily"
-    allow:
-      - dependency-name: "@arbitrum/*"
-      - dependency-name: "@offchainlabs/*"
-    versioning-strategy: increase-if-necessary
-    ignore:
-      - dependency-name: "*"
-        update-types: ["version-update:semver-patch"]
-    groups:
-      internal-dependencies:
-        patterns:
-          - "@arbitrum/*"
-          - "@offchainlabs/*"
-    reviewers:
-      - "OffchainLabs/full-stack"
-    labels:
-      - "dependencies" 
\ No newline at end of file

From 9bffc4b3bc5404c81260f13cba0bc4f7f08691a1 Mon Sep 17 00:00:00 2001
From: Doug Lance <4741454+douglance@users.noreply.github.com>
Date: Fri, 16 May 2025 16:34:13 -0400
Subject: [PATCH 3/4] simplify

---
 .github/dependabot.yml | 45 +++++++++++-------------------------------
 1 file changed, 12 insertions(+), 33 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 2a9cbe247..b92dd6a3a 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,40 +1,19 @@
 version: 2
 updates:
-  # ===  Internal dependencies ===
-  - package-ecosystem: 'npm'
+  - package-ecosystem: npm
     directories:
-      - '/'
-      - '/packages/*'
-    schedule:
-      interval: 'daily'
-    allow:
-      - dependency-name: '@arbitrum/*'
-      - dependency-name: '@offchainlabs/*'
+      - '/*'
+    schedule: { interval: daily }
     versioning-strategy: increase-if-necessary
-    ignore: # ignore patch updates
+    ignore:
       - dependency-name: '*'
         update-types: ['version-update:semver-patch']
-    reviewers:
-      - 'OffchainLabs/full-stack'
-    labels:
-      - 'dependencies'
-      - 'internal'
+    reviewers: ['OffchainLabs/full-stack']
+    labels: ['dependencies']
 
-  # ===  External dependencies ===
-  - package-ecosystem: 'npm'
-    directories:
-      - '/'
-      - '/packages/*'
-    schedule:
-      interval: 'daily'
-    ignore: # exclude internal dependencies
-      - dependency-name: '@arbitrum/*'
-      - dependency-name: '@offchainlabs/*'
-    # For all other (external) dependencies not caught by the ignore above,
-    # disable version updates, allowing only security updates.
-    open-pull-requests-limit: 0
-    reviewers:
-      - 'OffchainLabs/full-stack'
-    labels:
-      - 'dependencies'
-      - 'external'
+    groups:
+      internal:
+        patterns: ['@arbitrum/*', '@offchainlabs/*']
+      external-security:
+        exclude-patterns: ['@arbitrum/*', '@offchainlabs/*']
+        applies-to: security-updates
\ No newline at end of file

From 8a80b18a9ecbc110730a00bba541d1ad5827611b Mon Sep 17 00:00:00 2001
From: Doug Lance <4741454+douglance@users.noreply.github.com>
Date: Wed, 11 Jun 2025 11:31:51 -0400
Subject: [PATCH 4/4] only internal deps

---
 .github/dependabot.yml | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b92dd6a3a..a7b561f67 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -2,18 +2,11 @@ version: 2
 updates:
   - package-ecosystem: npm
     directories:
-      - '/*'
-    schedule: { interval: daily }
-    versioning-strategy: increase-if-necessary
-    ignore:
-      - dependency-name: '*'
-        update-types: ['version-update:semver-patch']
-    reviewers: ['OffchainLabs/full-stack']
-    labels: ['dependencies']
-
-    groups:
-      internal:
-        patterns: ['@arbitrum/*', '@offchainlabs/*']
-      external-security:
-        exclude-patterns: ['@arbitrum/*', '@offchainlabs/*']
-        applies-to: security-updates
\ No newline at end of file
+      - '**/*'
+    schedule:
+      interval: daily
+    versioning-strategy: increase
+    open-pull-requests-limit: 5
+    allow:
+      - dependency-name: '@arbitrum/*'
+      - dependency-name: '@offchainlabs/*'
\ No newline at end of file