Add Cooldown period for dependabot

cadmiumcat · cadmiumcat · commit 9f7b0a3fe591 · 2025-10-15T15:21:03.000+01:00
We're adding a cooldown period to help protect againts supply chain attacks

We also want PRs to be raise on a day when we're likely to be around
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -10,13 +10,17 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
-      day: "sunday"
+      day: "tuesday"
+    cooldown:
+      default-days: 7
     open-pull-requests-limit: 10
 
   # Maintain dependencies for Ruby/Rails bundler
   - package-ecosystem: "bundler"
     directory: "/"
     schedule:
       interval: "weekly"
-      day: "sunday"
+      day: "tuesday"
+    cooldown:
+      default-days: 7
     open-pull-requests-limit: 10
