Dev by jamespepper81 · Pull Request #381 · BitSleuthAI/Wallet

jamespepper81 · 2026-01-04T18:13:01Z

This pull request introduces a comprehensive Dependabot configuration for the BitSleuth Wallet React Native + Expo project, along with detailed documentation. The main goal is to automate dependency updates across npm, Gradle, and GitHub Actions, while grouping related dependencies to reduce PR noise and ensure compatibility. The documentation explains the rationale behind each group and provides best practices for reviewers.

Dependabot configuration and documentation:

Added .github/dependabot.yml to configure automated dependency updates for npm (JavaScript/TypeScript), Gradle (Android), and GitHub Actions. The config includes dependency grouping for Expo SDK, React Native Firebase, Babel, and Bitcoin protocol packages, with tailored schedules, PR limits, and labels for each ecosystem.
Created docs/dependabot-configuration.md to document the configuration, explain the purpose of each dependency group, outline best practices for reviewing updates, and provide troubleshooting steps. The doc also clarifies changes from previous configurations and notes the lack of CocoaPods support.

Introduces a .github/dependabot.yml file to automate dependency updates for npm packages and GitHub Actions workflows. Configures update schedules, grouping, labeling, and commit message conventions to streamline dependency management and improve security.

- Remove irrelevant radix-ui grouping (web-only library) - Add CocoaPods ecosystem for iOS native dependencies - Add Gradle ecosystem for Android native dependencies - Add Expo SDK grouping to update packages together - Add React Native Firebase grouping for compatibility - Add Babel grouping to prevent version conflicts - Add comprehensive documentation Co-authored-by: jamespepper81 <84083764+jamespepper81@users.noreply.github.com>

- Group 10 Bitcoin packages (bitcoinjs-lib, bip32, bip39, etc.) - Includes cryptographic primitives (@noble/*, tiny-secp256k1) - Includes encoding libraries (bech32, bs58check) - Update documentation with rationale and examples Co-authored-by: jamespepper81 <84083764+jamespepper81@users.noreply.github.com>

- Remove cocoapods package-ecosystem (not supported by Dependabot) - Update documentation to reflect 3 ecosystems instead of 4 - Add note explaining iOS dependencies must be managed manually - Fix validation error reported by GitHub Co-authored-by: jamespepper81 <84083764+jamespepper81@users.noreply.github.com>

Fix Dependabot config for React Native + Expo ecosystem

jamespepper81 and others added 6 commits January 4, 2026 17:42

Initial plan

5132881

Merge pull request #380 from BitSleuthAI/copilot/check-dependabot-setup

58f2f51

Fix Dependabot config for React Native + Expo ecosystem

jamespepper81 merged commit 3a494d4 into main Jan 4, 2026
2 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dev#381

Dev#381
jamespepper81 merged 6 commits into
mainfrom
dev

jamespepper81 commented Jan 4, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

jamespepper81 commented Jan 4, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants