From 202c81ddcdfa1c1884e048d531fffeef1f902cd2 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 20 May 2026 20:24:24 +0000
Subject: [PATCH] chore(security): add Dependabot cooldown, grouped updates,
 and use npm ci

---
 .github/dependabot.yml      | 10 ++++++----
 .github/workflows/build.yml |  2 +-
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b68db60..275e3ef 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -17,11 +17,11 @@ updates:
       prefix-development: chore
     labels:
       - "Dependencies"
+    cooldown:
+      default-days: 3
     groups:
-      production-dependencies:
-        dependency-type: "production"
-      development-dependencies:
-        dependency-type: "development"
+      actions:
+        patterns: ["*"]
 
   - package-ecosystem: "npm"
     directory: "/"
@@ -35,6 +35,8 @@ updates:
       prefix-development: chore
     labels:
       - "Dependencies"
+    cooldown:
+      default-days: 3
     groups:
       production-dependencies:
         dependency-type: "production"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d642147..2647e9c 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -24,7 +24,7 @@ jobs:
           node-version: '20'
 
       - name: Install dependencies
-        run: npm install
+        run: npm ci
 
       - name: Build code
         run: npm run compile