Skip to content

Configure Dependabot to monitor @github/copilot npm updates#94

Merged
edburns merged 1 commit intomainfrom
edburns/dd-2955542-dependabot
Apr 24, 2026
Merged

Configure Dependabot to monitor @github/copilot npm updates#94
edburns merged 1 commit intomainfrom
edburns/dd-2955542-dependabot

Conversation

@edburns
Copy link
Copy Markdown
Collaborator

@edburns edburns commented Apr 24, 2026

  • Add npm ecosystem entry for scripts/codegen/ directory
  • Filter to @github/copilot package only (daily schedule)
  • Add github-actions ecosystem entry for workflow updates (weekly)

Related to #93 .

Before the change?

  • There is no agentic way to keep the generated code in sync with the reference implementation.

After the change?

  • This way exists.

Pull request checklist

  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been reviewed and added / updated if needed (for bug fixes / features)
  • mvn spotless:apply has been run to format the code
  • mvn clean verify passes locally

Does this introduce a breaking change?

  • Yes
  • No infrastructure only.

@edburns
Configure Dependabot to monitor @github/copilot npm updates
495b3f4 
- Add npm ecosystem entry for scripts/codegen/ directory
- Filter to @github/copilot package only (daily schedule)
- Add github-actions ecosystem entry for workflow updates (weekly)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings April 24, 2026 18:11
@edburns
Copy link
Copy Markdown
Collaborator Author

edburns commented Apr 24, 2026

@copilot

I already did this locally.

Ran terminal command: pip3 install --quiet check-jsonschema && check-jsonschema --schemafile /tmp/dependabot-2.0-schema.json .github/dependabot.yml
Completed with input: pip3 install --quiet check-jsonschema && check-jsonschema --schemafile /tmp/dependabot-2.0-schema.json .github/dependabot.yml

Ran terminal command: /Users/edburns/Library/Python/3.9/bin/check-jsonschema --schemafile /tmp/dependabot-2.0-schema.json .github/dependabot.yml

Validation passed. The dependabot.yml is valid against the official schema. Safe to merge to main.

Copilot AI reviewed Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Configures Dependabot to automatically track upstream dependency updates relevant to keeping the SDK’s generated code and workflows in sync with the reference implementation.

Changes:

  • Add a Dependabot npm update configuration for /scripts/codegen on a daily schedule.
  • Restrict npm updates to the @github/copilot package and limit open PRs to 1.
  • Add a weekly Dependabot configuration for github-actions updates.
Show a summary per file
File Description
.github/dependabot.yml Adds Dependabot update entries for npm codegen dependencies and GitHub Actions workflow versions.

Copilot's findings

  • Files reviewed: 1/1 changed files
  • Comments generated: 0

@edburns edburns merged commit 0e810e1 into main Apr 24, 2026
11 of 12 checks passed
Copilot stopped work on behalf of edburns due to an error April 24, 2026 18:13
The session was cancelled by the user.
@edburns edburns mentioned this pull request Apr 24, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@edburns