From 49ebe5147586d2b38526dfe18b2c5d9981aa54a2 Mon Sep 17 00:00:00 2001 From: squidfunk Date: Thu, 14 Sep 2023 10:00:59 +0200 Subject: [PATCH] Limit Dependabot for Python to security updates --- .github/dependabot.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3df61b35c40..23de615b2c8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -28,7 +28,9 @@ updates: interval: weekly time: "04:00" - package-ecosystem: pip - open-pull-requests-limit: 10 + # We only want to bump versions of packages in case of security updates, as + # we want to keep maximum compatibility - see https://t.ly/INSR_ + open-pull-requests-limit: 0 directory: "/" labels: [] schedule: