From 9b2cc2f17d7e6dc1a7702f6b54754d46e244dd74 Mon Sep 17 00:00:00 2001
From: IgnorancePulls <mark.simonovskiy@pipedrive.com>
Date: Mon, 2 Jun 2025 15:40:39 +0300
Subject: [PATCH] GRAL-4829: add dependabot file

---
 .github/dependabot.yml | 49 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..3ea73f4
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,49 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+registries:
+  npm-pipedrive:
+    type: npm-registry
+    url: https://npm-registry-proxy.pipedrive.tools
+    token: ${{ secrets.NPM_TOKEN }}
+  github:
+    type: git
+    url: https://github.com
+    username: x-access-token
+    password: ${{ secrets.GHA_ACCESS_TOKEN }}
+
+updates:
+  # Update config based in the comment https://github.com/dependabot/dependabot-core/issues/4993#issuecomment-1289133027
+  - package-ecosystem: 'npm'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+      time: '10:00'
+      timezone: 'Europe/Tallinn'
+    rebase-strategy: 'disabled'
+    registries:
+      - npm-pipedrive
+      - github
+    open-pull-requests-limit: 10
+    versioning-strategy: increase
+    ignore:
+      - dependency-name: '*'
+        update-types: ['version-update:semver-major']
+    groups:
+      all-minor-patch-updates:
+        patterns:
+          - '*'
+        update-types:
+          - minor
+          - patch
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+      time: '10:00'
+      timezone: 'Europe/Tallinn'
+    open-pull-requests-limit: 10
+    ignore:
+      - dependency-name: '*'
+        update-types: ['version-update:semver-major']
\ No newline at end of file