dependabot labels

observIQ · Dec 18, 2023 · 2639c7d · 2639c7d
1 parent efc0d1c
commit 2639c7d
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,14 +1,16 @@
 version: 2
-updates: []
+updates:
   - package-ecosystem: "gomod"
+    # Setting the limit to zero should limit
+    # Dependabot to security updates only.
     open-pull-requests-limit: 0
     directory: "/"
     schedule:
       interval: "monthly"
-    ignore:
-      # AWS we want to ignore nightly patch releases
-      - dependency-name: "github.com/aws/aws-sdk-go"
-        update-types: ["version-update:semver-patch"]
+      day: "monday"
+    labels:
+      - "dependencies"
+      - "security"
     commit-message:
       prefix: "deps"
-      include: "scope"
+      include: "scope"