From 15f60adff0c53b2bfd4d7406fad0240145a1b568 Mon Sep 17 00:00:00 2001 From: Trent Bartlem Date: Thu, 17 Jul 2025 14:38:31 +1000 Subject: [PATCH 1/5] Add dependabot.yml --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..a30e19d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +version: 2 +updates: + - package-ecosystem: pip + directory: / + schedule: + interval: weekly + allow: + - dependency-type: all From ab6eb8b17763f8a18de76bbb3bbc032eff0271c6 Mon Sep 17 00:00:00 2001 From: Trent Bartlem Date: Thu, 17 Jul 2025 14:41:12 +1000 Subject: [PATCH 2/5] Update dependabot.yml --- .github/dependabot.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a30e19d..9db7a54 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,5 +4,3 @@ updates: directory: / schedule: interval: weekly - allow: - - dependency-type: all From f3bb24b33fc3cc0b07583260c2ccf9b2e7c2c0c3 Mon Sep 17 00:00:00 2001 From: Trent Bartlem Date: Thu, 17 Jul 2025 14:47:40 +1000 Subject: [PATCH 3/5] Adjust to also check github actions, but ignore minor versions for builtin actions --- .github/dependabot.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 9db7a54..21964df 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,3 +4,12 @@ updates: directory: / schedule: interval: weekly + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + ignore: + - dependency-name: "github/*" + update-types: ["version-update:semver-minor", "version-update:semver-patch"] + - dependency-name: "actions/*" + update-types: ["version-update:semver-minor", "version-update:semver-patch"] From c609bd7fcfc68c54871b7326f8e697f8af2516e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 17 Jul 2025 14:52:43 +1000 Subject: [PATCH 4/5] Bump prometheus-client from 0.20.0 to 0.22.1 (#4) Bumps [prometheus-client](https://github.com/prometheus/client_python) from 0.20.0 to 0.22.1. - [Release notes](https://github.com/prometheus/client_python/releases) - [Commits](https://github.com/prometheus/client_python/compare/v0.20.0...v0.22.1) --- updated-dependencies: - dependency-name: prometheus-client dependency-version: 0.22.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Pipfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index a3acef6..af4ffc9 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -221,12 +221,12 @@ }, "prometheus-client": { "hashes": [ - "sha256:287629d00b147a32dcb2be0b9df905da599b2d82f80377083ec8463309a4bb89", - "sha256:cde524a85bce83ca359cc837f28b8c0db5cac7aa653a588fd7e84ba061c329e7" + "sha256:190f1331e783cf21eb60bca559354e0a4d4378facecf78f5428c39b675d20d28", + "sha256:cca895342e308174341b2cbf99a56bef291fbc0ef7b9e5412a0f26d653ba7094" ], "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==0.20.0" + "markers": "python_version >= '3.9'", + "version": "==0.22.1" }, "requests": { "hashes": [ From 3266e049ab10ea95a954beb67482235b62ca3624 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 17 Jul 2025 14:53:08 +1000 Subject: [PATCH 5/5] Bump actions/checkout from 2 to 4 (#6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 59d8d41..23f8409 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v1 with: