Update to "tmpl" template repository version 0.6.0 (#25)

Updated to "tmpl" version 0.6.0 [1] which introduced a configuration for automated dependency updates and security alerts [2] with Dependabot [3]. Next to the included update configurations for the CI/CD GitHub action workflow [4] and Yarn/NPM dependencies [5], the file has been extended to support Go modules [6]. [1]: https://github.com/svengreb/tmpl/releases/tag/v0.5.0 [2]: svengreb/tmpl#52 [3]: https://dependabot.com [4]: https://github.com/svengreb/tmpl#cicd-action-workflow [5]: https://github.com/svengreb/tmpl#nodejs-yarn-and-npm [6]: https://golang.org/ref/mod Closes GH-24
svengreb · Nov 8, 2020 · 793efc2 · 793efc2
1 parent 6bf924b
commit 793efc2
Showing 1 changed file with 44 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,44 @@
+# Copyright (c) 2020-present Sven Greb <development@svengreb.de>
+# This source code is licensed under the MIT license found in the LICENSE file.
+
+# Configuration for the native Dependabot integration.
+# See the official GitHub documentations for more details:
+#   - https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates
+#   - https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/about-dependabot-version-updates
+#   - https://docs.github.com/en/free-pro-team@latest/github/managing-security-vulnerabilities/about-dependabot-security-updates
+#   - https://github.com/features#features-security
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    reviewers:
+      - "svengreb"
+    labels:
+      - "scope-quality"
+      - "scope-security"
+      - "target-base"
+
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    reviewers:
+      - "svengreb"
+    labels:
+      - "scope-quality"
+      - "scope-security"
+      - "target-base"
+
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    reviewers:
+      - "svengreb"
+    labels:
+      - "scope-quality"
+      - "scope-security"
+      - "target-base"