Add dependabot config for pnpm workspace, cargo, and actions (#8660)

Signed-off-by: jh-block <jhugo@block.xyz>
2026-04-28 03:29:36 +00:00 · 2026-04-20 13:13:10 +02:00 · 2026-04-20 13:13:10 +02:00 · 030de5de91
commit 030de5de91
parent 77542db432
1 changed files with 33 additions and 0 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,33 @@
+version: 2
+updates:
+  # pnpm workspace for the UI (desktop, acp, text, sdk, goose-binary/*, goose2).
+  # Point at the workspace ROOT where pnpm-lock.yaml lives so Dependabot updates
+  # both the child package.json AND ui/pnpm-lock.yaml in one PR.
+  - package-ecosystem: "npm"
+    directory: "/ui"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    groups:
+      ui-minor-and-patch:
+        update-types:
+          - "minor"
+          - "patch"
+
+  # Cargo workspace at the repo root.
+  - package-ecosystem: "cargo"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+    groups:
+      cargo-minor-and-patch:
+        update-types:
+          - "minor"
+          - "patch"
+
+  # GitHub Actions used by workflows in .github/workflows.
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"