Update Dependabot configuration to ignore major version updates and specific project dependencies

flemming-n-larsen · flemming-n-larsen · commit 537bf55e348f · 2025-12-16T21:24:00.000+01:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -17,12 +17,15 @@ updates:
     # Ignore major version updates for now
     ignore:
       - dependency-name: "*"
-        update-types: ["version-update:semver-major"]
+        update-types: [ "version-update:semver-major" ]
+      # Ignore net.sf.robocode dependencies (this is our own project artifact)
+      # The repository used to have .NET plugins with Maven projects that were
+      # removed in 2021. GitHub's security scanning still references these old paths.
+      - dependency-name: "net.sf.robocode:*"
 
   # Maintain dependencies for GitHub Actions
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
     open-pull-requests-limit: 5
-
