From b740517a71bca61797d54b32b0b891b61dfb0667 Mon Sep 17 00:00:00 2001
From: Paul Carleton <paulc@anthropic.com>
Date: Fri, 24 Apr 2026 12:52:17 +0100
Subject: [PATCH] =?UTF-8?q?chore:=20remove=20dependabot.yml=20=E2=80=94=20?=
 =?UTF-8?q?security-only=20via=20repo=20defaults?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Conformance is a leaf CLI; scheduled version bumps are churn. Deleting
the config disables version-update PRs entirely. Security advisories
remain enabled via repo settings (Code security > Dependabot).
---
 .github/dependabot.yml | 42 ------------------------------------------
 1 file changed, 42 deletions(-)
 delete mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index 77cff36..0000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-version: 2
-
-# Security updates always come through regardless of these settings.
-# Scheduled (non-security) updates are limited to minor/patch only —
-# major bumps of devDeps like eslint/typescript are manual decisions.
-
-updates:
-  - package-ecosystem: npm
-    directory: /
-    schedule:
-      interval: monthly
-    groups:
-      all-dependencies:
-        patterns:
-          - '*'
-    ignore:
-      - dependency-name: '*'
-        update-types: ['version-update:semver-major']
-
-  - package-ecosystem: npm
-    directory: /examples/servers/typescript
-    schedule:
-      interval: monthly
-    groups:
-      all-dependencies:
-        patterns:
-          - '*'
-    ignore:
-      - dependency-name: '*'
-        update-types: ['version-update:semver-major']
-
-  - package-ecosystem: github-actions
-    directory: /
-    schedule:
-      interval: monthly
-    groups:
-      all-actions:
-        patterns:
-          - '*'
-    ignore:
-      - dependency-name: '*'
-        update-types: ['version-update:semver-major']