docs: updates on workflows

ADMSK\AVROGAL1 · ADMSK\AVROGAL1 · commit c8e304f408d1 · 2021-01-30T15:18:02.000+03:00
Added information on documentation
diff --git a/.dependabot/config.yml b/.dependabot/config.yml
@@ -2,25 +2,40 @@
 # package ecosystems to update and where the package manifests are located.
 # Please see the documentation for all configuration options:
 # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-version: 2
+version: 1
 
-updates:
-  - package-ecosystem: "github-actions"
-    open-pull-requests-limit: 2
+update_configs:
+  # Keep package.json (& lockfiles) up to date as soon as
+  # new versions are published to the npm registry
+  - package_manager: "javascript"
     directory: "/"
-    schedule:
-      interval: "daily"
-      time: "13:00"
-    allow:
-      - dependency-type: direct
-    commit-message:
-      prefix: "docs: dependency updates\n\nUpdates on dependencies"
-    labels:
-      - "dependencies"
-      - ":robot: bot"
-    assignees:
-      - "AlexRogalskiy"
-    reviewers:
-      - "AlexRogalskiy"
+    update_schedule: "live"
+    allowed_updates:
+      - match:
+          dependency_type: "development"
+          # Supported dependency types:
+          # - "development"
+          #   Development dependency group (supported by some package managers)
+          # - "production"
+          #   Production dependency group (supported by some package managers)
+          # - "direct"
+          #   Direct/top-level dependencies
+          # - "indirect"
+          #   Indirect/transient/sub-dependencies
+          # - "all"
+          update_type: "all"
+          # Supported update types:
+          # - "security"
+          # - "all"
+      - match:
+          dependency_type: "production"
+          update_type: "security"
 
-update_configs:
+  # Keep Dockerfile up to date, batching pull requests weekly
+  - package_manager: "docker"
+    directory: "/"
+    update_schedule: "daily"
+
+  - package_manager: "python"
+    directory: "/"
+    update_schedule: "weekly"
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,57 @@
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    open-pull-requests-limit: 5
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "13:00"
+    allow:
+      - dependency-type: direct
+    commit-message:
+      prefix: "github-actions"
+    labels:
+      - "dependencies"
+      - ":robot: bot"
+    assignees:
+      - "AlexRogalskiy"
+    reviewers:
+      - "octocat"
+      - "AlexRogalskiy"
+
+  # Maintain dependencies for npm
+  - package-ecosystem: "npm"
+    open-pull-requests-limit: 10
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "09:00"
+    commit-message:
+      # Prefix all commit messages with "npm"
+      prefix: "npm"
+    # Specify labels for npm pull requests
+    labels:
+      - "npm"
+      - "dependencies"
+    pull-request-branch-name:
+      # Separate sections of the branch name with a hyphen
+      # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1`
+      separator: "-"
+
+  - package-ecosystem: "pip"
+    open-pull-requests-limit: 10
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "16:00"
+    commit-message:
+      prefix: "pip prod"
+      prefix-development: "pip dev"
+      include: "scope"
+    allow:
+      # Allow both direct and indirect updates for all packages
+      - dependency-type: "all"
+    # Labels on pull requests for version updates only
+    labels:
+      - "pip dependencies"
