add .github/dependabot.yml (#1060)

* add .github/dependabot.yml This attempts to group all security related fixes for docs/ gems into one PR on a monthly basis. * clear yamllint warnings ignoring 'document-start'
2025-08-14 18:45:53 +08:00 · 2024-05-08 10:10:58 -07:00 · 2024-05-08 10:10:58 -07:00 · 91ab336d3d
commit 91ab336d3d
parent 7d58126d07
1 changed files with 13 additions and 0 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,13 @@
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/doc"
+    schedule:
+      interval: "monthly"
+    groups:
+      doc-gems-security:
+        applies-to: "security-updates"
+        patterns:
+          - "*"