diff options
| author |  Kelvin M. Klann <kmk3.code@protonmail.com> | 2024-05-18 06:54:23 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-05-18 06:54:23 +0000 |
| commit | 442032c574a89651fa62b6695e024b173061932b (patch) | |
| tree | fdfe0b23eb0cb77480d4bbab6b25c50603acfc7a /.github/workflows/check-c.yml | |
| parent | New profile: nhex (#6341) (diff) | |
| download | firejail-442032c574a89651fa62b6695e024b173061932b.tar.gz firejail-442032c574a89651fa62b6695e024b173061932b.tar.zst firejail-442032c574a89651fa62b6695e024b173061932b.zip | |
ci: make dependabot updates monthly and bump PR limit (#6338)
It is currently only used for GitHub Actions. The ones used in this
project rarely ever contain notable changes in their changelogs (in a
way that would cause a noticeable difference in our CI).
Also, there are weeks when most/all of the PR/commit activity is from
dependabot PRs being opened/merged. For example, see the output of the
following command:
git log --no-decorate --oneline 9a0db13e12..bef085035
So change the checks from weekly to monthly to reduce the noise.
Additionally, bump `open-pull-requests-limit` to 4, as it seems that we
only have 4 dependencies:
$ git grep 'uses:' -- .github/ | sed -E 's/.*(uses: .*)@.*/\1/' |
LC_ALL=C sort -u
uses: actions/checkout
uses: github/codeql-action/analyze
uses: github/codeql-action/init
uses: step-security/harden-runner
This should ensure that PRs can be opened against all of them when the
dependabot check is run.
Diffstat (limited to '.github/workflows/check-c.yml')
0 files changed, 0 insertions, 0 deletions