mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-25 12:48:53 +01:00
c9b035a0bd
* Create dependabot.yml Initial dependabot.yml * Create SECURITY.md Guideline for security researcher to report vulnerabilities and communicate the discovery to our project community. * Update SECURITY.md Change wording for Discord channel initial contact and added Github Issues guideline.
41 lines
1.5 KiB
YAML
41 lines
1.5 KiB
YAML
# To get started with Dependabot version updates, you'll need to specify which
|
|
# package ecosystems to update and where the package manifests are located.
|
|
# Please see the documentation for all configuration options:
|
|
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
|
|
|
version: 2
|
|
updates:
|
|
- package-ecosystem: "npm" # See documentation for possible values
|
|
directory: "/api" # Location of package manifests
|
|
schedule:
|
|
interval: "weekly"
|
|
allow:
|
|
# Allow both direct and indirect updates for all packages
|
|
- dependency-type: "all"
|
|
commit-message:
|
|
prefix: "npm api prod"
|
|
prefix-development: "npm api dev"
|
|
include: "scope"
|
|
- package-ecosystem: "npm" # See documentation for possible values
|
|
directory: "/client" # Location of package manifests
|
|
schedule:
|
|
interval: "weekly"
|
|
allow:
|
|
# Allow both direct and indirect updates for all packages
|
|
- dependency-type: "all"
|
|
commit-message:
|
|
prefix: "npm client prod"
|
|
prefix-development: "npm client dev"
|
|
include: "scope"
|
|
- package-ecosystem: "npm" # See documentation for possible values
|
|
directory: "/" # Location of package manifests
|
|
schedule:
|
|
interval: "weekly"
|
|
allow:
|
|
# Allow both direct and indirect updates for all packages
|
|
- dependency-type: "all"
|
|
commit-message:
|
|
prefix: "npm all prod"
|
|
prefix-development: "npm all dev"
|
|
include: "scope"
|
|
|