1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: npm
directory: '/'
schedule:
interval: weekly
open-pull-requests-limit: 99
allow:
- dependency-type: direct
ignore:
# This version needs to match Rails major version, so stick to 6.x only
- dependency-name: '@rails/ujs'
versions:
- '>= 7'
# TODO: This requires code changes for migration
- dependency-name: 'tesseract.js'
versions:
- '>= 3'
# TODO: This version needs manual updates for breaking changes
- dependency-name: 'react-hotkeys'
versions:
- '>= 2'
# TODO: This version has breaking changes
- dependency-name: 'intl-messageformat'
versions:
- '>= 3'
# TODO: This version has breaking changes
- dependency-name: 'react-intl'
versions:
- '>= 3'
# TODO: This version has breaking changes
- dependency-name: 'babel-plugin-react-intl'
versions:
- '>= 7'
# TODO: This version requires code changes
- dependency-name: 'webpack-dev-server'
versions:
- '>= 4'
# TODO: This version was ignored in https://github.com/mastodon/mastodon/pull/15238
- dependency-name: 'webpack-cli'
versions:
- '>= 4'
- package-ecosystem: bundler
directory: '/'
schedule:
interval: weekly
open-pull-requests-limit: 99
allow:
- dependency-type: direct
ignore:
# This version needs to match Rails major version, so stick to 6.x only
- dependency-name: 'rails-i18n'
versions:
- '>= 7.0.0'
# This version needs manual updates https://github.com/rails/sprockets/blob/master/UPGRADING.md#guide-to-upgrading-from-sprockets-3x-to-4x
- dependency-name: 'sprockets'
versions:
- '>= 4.0.0'
# This version needs manual updates https://github.com/rails/sprockets/blob/master/UPGRADING.md#guide-to-upgrading-from-sprockets-3x-to-4x
- dependency-name: 'strong_migrations'
versions:
- '>= 1.0.0'
# This version needs updates and to sync with sidekiq-unique-jobs
- dependency-name: 'sidekiq'
versions:
- '>= 7.0.0'
# This version needs updates and to sync with sidekiq
- dependency-name: 'sidekiq-unique-jobs'
versions:
- '>= 8.0.0'
# This version needs updates and to sync with sidekiq and sidekiq-unique-jobs
- dependency-name: 'redis'
versions:
- '>= 5.0.0'
# TODO: was ignored in https://github.com/mastodon/mastodon/pull/13964
- dependency-name: 'fog-openstack'
versions:
- '>= 1.0.0'
# sassc dependency issue tracked in https://github.com/BetterErrors/better_errors/issues/516
- dependency-name: 'better_errors'
versions:
- '2.10.0'
- package-ecosystem: github-actions
directory: '/'
schedule:
interval: weekly
open-pull-requests-limit: 99
allow:
- dependency-type: direct
- package-ecosystem: docker
directory: '/'
schedule:
interval: weekly
open-pull-requests-limit: 99
ignore:
- dependency-name: 'moritzheiber/ruby-jemalloc'
update-types:
# only suggest patch releases for ruby and needs to sync with .ruby-version
- 'version-update:semver-minor'
- dependency-name: 'node'
update-types:
# only node minor releases allowed unless .nvmrc major is changed
- 'version-update:semver-major'