mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-01-18 02:39:30 +00:00
ci: disable dependabot PR creation for /api dependencies
Dependabot does not need to report available updates for vendored dependencies in the downstream repository. Updates to dependencies are synced from the upstream repository when needed. There is also the "Upstream First" requirement, which we follow closely. See-also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#open-pull-requests-limit Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
Niels de Vos
Niels de Vos
parent
ce40a55de7
commit
b7955ec0ee
2
.github/dependabot.yml
vendored
2
.github/dependabot.yml
vendored
@ -53,6 +53,8 @@ updates:
|
|||||||
commit-message:
|
commit-message:
|
||||||
prefix: "rebase"
|
prefix: "rebase"
|
||||||
- package-ecosystem: "gomod"
|
- package-ecosystem: "gomod"
|
||||||
|
# ODF only: disable PR creation, synced from upstream
|
||||||
|
open-pull-requests-limit: 0
|
||||||
directory: "/api"
|
directory: "/api"
|
||||||
schedule:
|
schedule:
|
||||||
interval: "weekly"
|
interval: "weekly"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user