Update dependabot.yml

carlsixsmith-moj · web-flow · commit dd0e259f602b · 2026-05-01T08:45:30.000+01:00
Update dependabot to match security requirements. This sets up dependabot to use the 7 day cool down for dependency updates.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,15 +1,27 @@
 version: 2
+
 updates:
   - package-ecosystem: "nuget"
     directory: "/"
     schedule:
-      interval: "weekly"
-      day: "sunday"
+      interval: "daily"
       time: "04:00"
+    cooldown:
+      default-days: 7
+
     target-branch: "develop"
+
     commit-message:
       prefix: "deps"
+
     open-pull-requests-limit: 1
+
+    ignore:
+      - dependency-name: "AutoMapper"
+      - dependency-name: "AutoMapper.*"
+      - dependency-name: "MediatR"
+      - dependency-name: "MediatR.*"
+
     groups:
       all-dependencies:
         patterns:
