add .github/dependabot.yml

This attempts to group all security related fixes for docs/ gems into one PR on a monthly basis.
2025-08-16 05:55:59 +08:00 · 2024-04-17 12:45:41 -07:00 · 2024-04-17 12:45:41 -07:00 · 459a76b574
commit 459a76b574
parent 7d58126d07
1 changed files with 14 additions and 0 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,14 @@
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/doc" # Location of package manifests
+    schedule:
+      interval: "monthly"
+    groups:
+      doc-gems-security:
+        applies-to: "security-updates"
+        patterns:
+          - "*"
+