Don't create security alerts for dev-dependencies

jaylinski · jaylinski · commit e2f63da5c076 · 2021-12-29T22:48:01.000+01:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,9 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: "/"
+    open-pull-requests-limit: 0
+    schedule:
+      interval: weekly
+    allow:
+      - dependency-type: production
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -22,7 +22,7 @@
   },
   "dependencies": {
     "minimist": "^1.2.5",
-    "neo-async": "^2.6.0",
+    "neo-async": "^2.6.2",
     "source-map": "^0.6.1",
     "wordwrap": "^1.0.0"
   },
