From 388a1af85d0a4e92a74fd94059cc651df6b23158 Mon Sep 17 00:00:00 2001
From: rashidakanchwala <37628668+rashidakanchwala@users.noreply.github.com>
Date: Fri, 16 Sep 2022 10:45:29 +0100
Subject: [PATCH] Create initial depandabot.yml to tackle batch python
 dependency update (#1060)

This ticket adds 'Dependabot Version Update' for all python dependencies except mypy dependencies in test_requirements.
We made a decision (@AntonyMilneQB , @tynandebold ) to limit front-end to only 'Dependabot Security Updates'

Since this is the first time we are doing this, there's a long list of python dependencies that needs to be updated (~20) For this purpose we have set up this ticket as the initial dependabot PR to do a batch update.

Following this we will create another PR with slightly different configurations to handle regular updates.
---
 .github/dependabot.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000000..840883a1f9
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,18 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "pip" # See documentation for possible values
+    directory: "/package" # Location of package manifests
+    schedule:
+      interval: "daily"
+    target-branch: "dependency-update"
+    ignore:
+      - dependency-name: "types-*"
+    labels:
+      - "python"
+      - "dependencies"
+    open-pull-requests-limit: 50