From bfe376c4c123f21f2ef7c3209231c66febeca173 Mon Sep 17 00:00:00 2001
From: Robert Lin <robert@bobheadxi.dev>
Date: Sat, 17 Oct 2020 08:57:58 +0800
Subject: [PATCH] deps: only upgrade lockfiles

---
 .github/dependabot.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b6839122..bbf93e16 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,8 +5,9 @@
 
 version: 2
 updates:
-  - package-ecosystem: "pip" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "pip"
+    directory: "/"
+    versioning-strategy: "lockfile-only" # only Pipfile.lock changes
     commit-message:
       prefix: "deps"
     schedule: