Merge pull request #750 from kbase/dev-update_dependabot

Xiangs18 · web-flow · commit f97f21e54004 · 2025-07-11T12:34:24.000-07:00
SECURITY-4: Update Dependabot.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,14 +1,34 @@
 version: 2
 updates:
-- package-ecosystem: docker
-  directory: "/"
-  schedule:
-    interval: weekly
-    time: '11:00'
-  open-pull-requests-limit: 10
-- package-ecosystem: pip
-  directory: "/"
-  schedule:
-    interval: daily
-    time: '11:00'
-  open-pull-requests-limit: 10
+
+  # Docker base images
+  - package-ecosystem: docker
+    directory: "/"
+    schedule:
+      interval: monthly
+      time: "11:00"
+    open-pull-requests-limit: 25
+
+  # Python (pip) dependencies
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: monthly
+      time: "11:00"
+    open-pull-requests-limit: 25
+
+  # GitHub Actions workflows
+  - package-ecosystem: github-actions
+    directory: ".github/workflows"
+    schedule:
+      interval: monthly
+      time: "11:00"
+    open-pull-requests-limit: 25
+
+  # Gradle (Java dependencies)
+  - package-ecosystem: gradle
+    directory: "/"
+    schedule:
+      interval: monthly
+      time: "11:00"
+    open-pull-requests-limit: 25
