From 591e9e6d112c0f73f041c6f14ecc12ff1c0b2e11 Mon Sep 17 00:00:00 2001 From: beeps Date: Tue, 13 May 2025 11:27:05 +0100 Subject: [PATCH] Replace reviewers with codeowners file Dependabot's reviewers option is being removed on 27th May and has been replaced with a dedicated codeowners file. --- .github/dependabot.yml | 11 ++--------- CODEOWNERS | 10 ++++++++++ 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 141adfff..2db271b6 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,7 +1,6 @@ version: 2 updates: - # Update npm packages - package-ecosystem: npm directory: / @@ -12,10 +11,8 @@ updates: # First in list so Dependabot looks at updating those first design-system: patterns: - - 'govuk-frontend' - - 'accessible-autocomplete' - reviewers: - - alphagov/design-system-developers + - "govuk-frontend" + - "accessible-autocomplete" schedule: # Defaults to weekly on Monday interval: monthly @@ -30,8 +27,6 @@ updates: # Update Ruby gems - package-ecosystem: bundler directory: / - reviewers: - - alphagov/design-system-developers schedule: # Defaults to weekly on Monday interval: monthly @@ -46,8 +41,6 @@ updates: # Update GitHub Actions - package-ecosystem: github-actions directory: / - reviewers: - - alphagov/design-system-developers schedule: # Defaults to weekly on Monday interval: monthly diff --git a/CODEOWNERS b/CODEOWNERS index 47074b35..4c3cc369 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,2 +1,12 @@ # CI/CD (which has access to secrets and to production) .github/workflows/ @alphagov/design-system-developers + +# Track changes to package.json or package-lock.json +/package*.json @alphagov/design-system-developers + +# Track changes to Gemfiles +/Gemfile @alphagov/design-system-developers +/Gemfile.lock @alphagov/design-system-developers + +# Protect the CODEOWNERS file itself against malicious changes +CODEOWNERS @alphagov/design-system-developers \ No newline at end of file