chore: add dependabot by inigomarquinez · Pull Request #28 · jshttp/statuses (original) (raw)
Copy link Copy Markdown
Contributor
Main Changes
dependabot will check for available updates for the dependencies that we use in the project. In the current setup, it will generate PRs once per week if the are new versions for our dependencies (npm and Github Actions).
We can remove npm and limit it to Github Actions, as well we can modify the frequency.
dependabot is capable of following the pin version schema introduced in #25, so it will be able to upgrade and pin the Github actions accordingly.
The configuration is very flexible, see the documentation