Skip to content

ci: add dependabot configuration for automated dependency updates#242

Merged
Mossaka merged 2 commits intomainfrom
copilot/add-dependabot-configuration
Jan 17, 2026
Merged

ci: add dependabot configuration for automated dependency updates#242
Mossaka merged 2 commits intomainfrom
copilot/add-dependabot-configuration

Conversation

Copy link
Contributor

Copilot AI commented Jan 17, 2026
edited
Loading

Configures Dependabot to automatically create PRs for dependency updates across all package ecosystems in the repository.

Configuration

  • npm: Root project and docs-site/ with grouping for TypeScript, testing, linting, and commitlint dependencies
  • Docker: Base image updates for containers/agent/ and containers/squid/
  • GitHub Actions: Workflow action version updates with grouping for actions/*

Schedule

Weekly on Mondays with reasonable PR limits per ecosystem to avoid noise.

Grouping Rules

Related dependencies are bundled to reduce PR churn:

  • typescript, @types/*, @typescript-eslint/*, ts-*
  • jest, *jest*
  • eslint, *eslint*
  • @commitlint/*, husky
  • astro, @astrojs/*
Original prompt

This section details on the original issue you should resolve

<issue_title>[High Priority] Enable Dependabot for automated dependency updates</issue_title>
<issue_description>## Context
From CI/CD Pipeline Gap Assessment (Discussion #227)

Description

Configure Dependabot to automatically create PRs for dependency updates, improving security and maintainability.

Acceptance Criteria

  • Create dependabot configuration file
  • Configure npm ecosystem scanning
  • Set appropriate update schedule (e.g., weekly)
  • Configure grouping rules for related dependencies
  • Add Docker ecosystem scanning for container images

Estimated Effort

Approximately 30 minutes

Related

Comments on the Issue (you are @copilot in this section)

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

@Mossaka
ci: add dependabot configuration for automated dependency updates
ba84b5d 
Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
Copilot AI changed the title [WIP] Configure Dependabot for automated dependency updates ci: add dependabot configuration for automated dependency updates Jan 17, 2026
Copilot AI requested a review from Mossaka January 17, 2026 04:35
@Mossaka Mossaka marked this pull request as ready for review January 17, 2026 08:56
@github-actions
Copy link
Contributor

github-actions bot commented Jan 17, 2026

Test Coverage Report

Metric Coverage Covered/Total
Lines 77.19% 1300/1684
Statements 77.27% 1333/1725
Functions 77.17% 142/184
Branches 69.76% 450/645
Coverage Thresholds

The project has the following coverage thresholds configured:

  • Lines: 38%
  • Statements: 38%
  • Functions: 35%
  • Branches: 30%

Coverage report generated by `npm run test:coverage`

@Mossaka Mossaka merged commit 9e063a0 into main Jan 17, 2026
41 checks passed
@Mossaka Mossaka deleted the copilot/add-dependabot-configuration branch January 17, 2026 09:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mossaka Mossaka Awaiting requested review from Mossaka

Assignees

@Mossaka Mossaka

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[High Priority] Enable Dependabot for automated dependency updates

2 participants

@Mossaka