From dd0e259f602b047e4085137980cbf2187b9bd2b6 Mon Sep 17 00:00:00 2001 From: Carl Sixsmith Date: Fri, 1 May 2026 08:45:30 +0100 Subject: [PATCH 1/2] Update dependabot.yml Update dependabot to match security requirements. This sets up dependabot to use the 7 day cool down for dependency updates. --- .github/dependabot.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3382a44..1a81d17 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,15 +1,27 @@ version: 2 + updates: - package-ecosystem: "nuget" directory: "/" schedule: - interval: "weekly" - day: "sunday" + interval: "daily" time: "04:00" + cooldown: + default-days: 7 + target-branch: "develop" + commit-message: prefix: "deps" + open-pull-requests-limit: 1 + + ignore: + - dependency-name: "AutoMapper" + - dependency-name: "AutoMapper.*" + - dependency-name: "MediatR" + - dependency-name: "MediatR.*" + groups: all-dependencies: patterns: From 71ec63703f05a5c5999b315cc19ca5104132502f Mon Sep 17 00:00:00 2001 From: Carl Sixsmith Date: Fri, 1 May 2026 10:03:00 +0100 Subject: [PATCH 2/2] Update .github/dependabot.yml Co-authored-by: Sam Gibson <140488216+samgibsonmoj@users.noreply.github.com> --- .github/dependabot.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1a81d17..9ef7992 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -16,12 +16,6 @@ updates: open-pull-requests-limit: 1 - ignore: - - dependency-name: "AutoMapper" - - dependency-name: "AutoMapper.*" - - dependency-name: "MediatR" - - dependency-name: "MediatR.*" - groups: all-dependencies: patterns: