Skip to content

Add cooldown configuration to Dependabot updates #102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
chrisreddington merged 2 commits into from
Dec 14, 2025
Merged

Add cooldown configuration to Dependabot updates #102

chrisreddington merged 2 commits into from
Dec 14, 2025

Conversation

Copy link
Contributor

Copilot AI commented Dec 14, 2025
edited
Loading

Super-linter 8.3.0 enforces Dependabot cooldown configuration. The linter flagged missing cooldown settings for both github-actions and npm package ecosystems.

Changes

  • Added cooldown.default-days: 7 to github-actions package ecosystem
  • Added cooldown.default-days: 7 to npm package ecosystem

This ensures Dependabot only creates PRs for dependencies published at least 7 days ago, reducing supply chain risk from newly released packages.

- package-ecosystem: github-actions
  directory: /
  schedule:
    interval: weekly
  open-pull-requests-limit: 10
  cooldown:
    default-days: 7
  groups:
    actions-minor:
      update-types:
        - minor
        - patch

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI mentioned this pull request Dec 14, 2025
Merged
Copilot AI changed the title [WIP] Update super-linter to version 8.3.0 Add cooldown configuration to Dependabot updates Dec 14, 2025
@chrisreddington chrisreddington marked this pull request as ready for review December 14, 2025 22:02
@chrisreddington chrisreddington merged commit a35be27 into dependabot/github_actions/actions-minor-60eb3724a9 Dec 14, 2025
1 check passed
@chrisreddington chrisreddington deleted the copilot/sub-pr-99 branch December 14, 2025 22:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chrisreddington chrisreddington Awaiting requested review from chrisreddington

Assignees

@chrisreddington chrisreddington

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chrisreddington