diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f0527e6..d7497c8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,12 +1,26 @@ version: 2 updates: -- package-ecosystem: bundler - directory: "/" - schedule: - interval: daily - open-pull-requests-limit: 10 -- package-ecosystem: github-actions - directory: "/" - schedule: - interval: daily - open-pull-requests-limit: 10 + - package-ecosystem: bundler + directory: "/" + schedule: + interval: weekly + day: monday + open-pull-requests-limit: 5 + groups: + # Bundle all minor + patch gem updates into a single weekly PR. + # Major bumps still open as individual PRs for deliberate review. + ruby-minor-and-patch: + update-types: + - minor + - patch + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: weekly + day: monday + open-pull-requests-limit: 5 + groups: + github-actions: + update-types: + - minor + - patch