chore: tune Dependabot (security-only pip; actions weekly) (#12)

CoderDeltaLAN · web-flow · commit 1c315d971028 · 2025-08-29T04:04:57.000+01:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -2,14 +2,20 @@ version: 2
 updates:
   - package-ecosystem: "github-actions"
     directory: "/"
-    schedule: { interval: "daily" }
-    open-pull-requests-limit: 5
-    labels: ["dependencies"]
+    schedule: { interval: "weekly" }
+    open-pull-requests-limit: 2
+    labels: ["dependencies","ci"]
     commit-message: { prefix: "deps" }
 
   - package-ecosystem: "pip"
     directory: "/"
-    schedule: { interval: "daily" }
-    open-pull-requests-limit: 5
-    labels: ["dependencies"]
+    schedule: { interval: "weekly" }
+    open-pull-requests-limit: 2
+    labels: ["dependencies","security"]
     commit-message: { prefix: "deps" }
+    ignore:
+      - dependency-name: "click"
+      - dependency-name: "rich"
+      - dependency-name: "black"
+      - dependency-name: "typer"
+    versioning-strategy: increase-if-necessary
