From 63313b22ab5b0371f1ba592edacb411dfd5607d2 Mon Sep 17 00:00:00 2001
From: Erik Dubbelboer <erik@dubbelboer.com>
Date: Thu, 18 Sep 2025 13:39:22 +0200
Subject: [PATCH] Delay dependabot updates by 5 days

Wait 5 days to get updates. We hope supply chain attacks are detected before these 5 days.
---
 .github/dependabot.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 4af650e..620cb2c 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,6 +8,8 @@ updates:
       github-actions:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5
   - package-ecosystem: "gomod"
     directory: "/"
     schedule:
@@ -16,6 +18,8 @@ updates:
       gomod:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5
   - package-ecosystem: "docker"
     directory: "/"
     schedule:
@@ -24,6 +28,8 @@ updates:
       docker:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
@@ -32,3 +38,5 @@ updates:
       npm:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5