diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 43c896b..eaf283b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,28 +1,45 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - version: 2 updates: - package-ecosystem: 'github-actions' directory: '/' schedule: - interval: 'weekly' - groups: - all-dependencies: - patterns: - - '*' + interval: 'daily' + cooldown: + default-days: 7 + exclude: + - 'grafana/*' - package-ecosystem: 'npm' directory: '/' schedule: - interval: 'weekly' - ignore: - - dependency-name: 'react' - update-types: ["version-update:semver-major"] - - dependency-name: 'react-dom' - update-types: ["version-update:semver-major"] + interval: 'daily' + cooldown: + semver-major-days: 30 + semver-minor-days: 14 + semver-patch-days: 7 + exclude: + - '@grafana/*' groups: - all-dependencies: + grafana-dependencies: patterns: - - '*' + - '@grafana/data' + - '@grafana/runtime' + - '@grafana/schema' + - '@grafana/ui' + + # Ignore dependencies that need to be updated manually for compatibility reasons + ignore: + # Keep @types/node in sync with the node version in .nvmrc + - dependency-name: '@types/node' + update-types: ['version-update:semver-major'] + # Keep react and react-dom on the same major version used by Grafana + - dependency-name: react + update-types: ['version-update:semver-major'] + - dependency-name: react-dom + update-types: ['version-update:semver-major'] + # Keep react-router-dom and react-router-dom-v5-compat on the same compatible major version used by Grafana + - dependency-name: react-router-dom + update-types: ['version-update:semver-major'] + - dependency-name: react-router-dom-v5-compat + update-types: ['version-update:semver-major'] + # Keep rxjs in sync with the version used by `@grafana/*` packages + - dependency-name: rxjs diff --git a/.github/workflows/dependabot-reviewer.yml b/.github/workflows/dependabot-reviewer.yml new file mode 100644 index 0000000..00f051d --- /dev/null +++ b/.github/workflows/dependabot-reviewer.yml @@ -0,0 +1,11 @@ +name: Dependabot reviewer +on: pull_request +permissions: + pull-requests: write + contents: write +jobs: + call-workflow-passing-data: + uses: grafana/security-github-actions/.github/workflows/dependabot-automerge.yaml@main + with: + packages-minor-autoupdate: '["@grafana/async-query-data","@grafana/plugin-ui"]' + repository-merge-method: 'squash' diff --git a/package.json b/package.json index 6fa4364..dc160bb 100644 --- a/package.json +++ b/package.json @@ -69,7 +69,6 @@ "prettier": "^3.4.2", "react": "18.3.1", "react-dom": "18.3.1", - "react-router-dom": "^7.1.1", "react-select-event": "^5.5.1", "rimraf": "^6.0.1", "rollup": "4.41.0", diff --git a/yarn.lock b/yarn.lock index 0ebbb87..d55767b 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3443,11 +3443,6 @@ convert-source-map@^2.0.0: resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-2.0.0.tgz#4b560f649fc4e918dd0ab75cf4961e8bc882d82a" integrity sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg== -cookie@^1.0.1: - version "1.0.2" - resolved "https://registry.yarnpkg.com/cookie/-/cookie-1.0.2.tgz#27360701532116bd3f1f9416929d176afe1e4610" - integrity sha512-9Kr/j4O16ISv8zBBhJoi4bXOYNTkFLOqSL3UDB0njXxCXNezjeyVrJyGOWtgfs/q2km1gwBcfH8q1yEGoMYunA== - copy-to-clipboard@^3.3.1: version "3.3.3" resolved "https://registry.yarnpkg.com/copy-to-clipboard/-/copy-to-clipboard-3.3.3.tgz#55ac43a1db8ae639a4bd99511c148cdd1b83a1b0" @@ -7543,13 +7538,6 @@ react-router-dom@5.3.4: tiny-invariant "^1.0.2" tiny-warning "^1.0.0" -react-router-dom@^7.1.1: - version "7.6.0" - resolved "https://registry.yarnpkg.com/react-router-dom/-/react-router-dom-7.6.0.tgz#eadcede43856dc714fa3572a946fd7502775c017" - integrity sha512-DYgm6RDEuKdopSyGOWZGtDfSm7Aofb8CCzgkliTjtu/eDuB0gcsv6qdFhhi8HdtmA+KHkt5MfZ5K2PdzjugYsA== - dependencies: - react-router "7.6.0" - react-router@5.3.4: version "5.3.4" resolved "https://registry.yarnpkg.com/react-router/-/react-router-5.3.4.tgz#8ca252d70fcc37841e31473c7a151cf777887bb5" @@ -7572,14 +7560,6 @@ react-router@6.28.0: dependencies: "@remix-run/router" "1.21.0" -react-router@7.6.0: - version "7.6.0" - resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.6.0.tgz#e2d0872d7bea8df79465a8bba9a20c87c32ce995" - integrity sha512-GGufuHIVCJDbnIAXP3P9Sxzq3UUsddG3rrI3ut1q6m0FI6vxVBF3JoPQ38+W/blslLH4a5Yutp8drkEpXoddGQ== - dependencies: - cookie "^1.0.1" - set-cookie-parser "^2.6.0" - react-select-event@^5.5.1: version "5.5.1" resolved "https://registry.yarnpkg.com/react-select-event/-/react-select-event-5.5.1.tgz#d67e04a6a51428b1534b15ecb1b82afbe5edddcb" @@ -7983,11 +7963,6 @@ semver@^7.3.5, semver@^7.5.3, semver@^7.5.4, semver@^7.6.0, semver@^7.6.3, semve resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.2.tgz#67d99fdcd35cec21e6f8b87a7fd515a33f982b58" integrity sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA== -set-cookie-parser@^2.6.0: - version "2.7.1" - resolved "https://registry.yarnpkg.com/set-cookie-parser/-/set-cookie-parser-2.7.1.tgz#3016f150072202dfbe90fadee053573cc89d2943" - integrity sha512-IOc8uWeOZgnb3ptbCURJWNjWUPcO3ZnTTdzsurqERrP6nPyv+paC55vJM0LpOlT2ne+Ix+9+CRG1MNLlyZ4GjQ== - set-function-length@^1.2.1, set-function-length@^1.2.2: version "1.2.2" resolved "https://registry.yarnpkg.com/set-function-length/-/set-function-length-1.2.2.tgz#aac72314198eaed975cf77b2c3b6b880695e5449"