disable npm PRs by dependabot.

namespacelabs · Sep 24, 2024 · f71d379 · f71d379
1 parent d542434
commit f71d379
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -17,3 +17,14 @@ updates:
       interval: "daily"
     commit-message:
       prefix: ".github:"
+  - package-ecosystem: "npm"
+    directory: "/"
+    registries: "*"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: ".npm:"
+    # "This option has no impact on security updates, which have a separate, internal limit of ten open pull requests."
+    # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit
+    open-pull-requests-limit: 0
+