From f71d379dceff2f494c6f3436fdcf37ed9b536404 Mon Sep 17 00:00:00 2001
From: Niklas Gehlen <niklas@namespacelabs.com>
Date: Tue, 24 Sep 2024 14:44:48 +0200
Subject: [PATCH] disable npm PRs by dependabot.

---
 .github/dependabot.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index 21ca325..324bcba 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -17,3 +17,14 @@ updates:
       interval: "daily"
     commit-message:
       prefix: ".github:"
+  - package-ecosystem: "npm"
+    directory: "/"
+    registries: "*"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: ".npm:"
+    # "This option has no impact on security updates, which have a separate, internal limit of ten open pull requests."
+    # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit
+    open-pull-requests-limit: 0
+