version: 2 updates: # JavaScript/Node.js dependencies - package-ecosystem: "npm" directory: "/" schedule: interval: "daily" time: "03:00" timezone: "America/Chicago" open-pull-requests-limit: 10 reviewers: - "blackboxprogramming" commit-message: prefix: "🔒 [Security]" include: "scope" labels: - "dependencies" - "security" ignore: # Ignore major version updates for stability - dependency-name: "*" update-types: ["version-update:semver-major"] # Python dependencies - package-ecosystem: "pip" directory: "/" schedule: interval: "daily" time: "03:00" timezone: "America/Chicago" open-pull-requests-limit: 10 labels: - "dependencies" - "security" # Docker dependencies - package-ecosystem: "docker" directory: "/" schedule: interval: "weekly" day: "monday" time: "03:00" labels: - "dependencies" - "security" # GitHub Actions - package-ecosystem: "github-actions" directory: "/" schedule: interval: "weekly" day: "monday" time: "03:00" labels: - "dependencies" - "security" # Composer (PHP) - package-ecosystem: "composer" directory: "/" schedule: interval: "daily" labels: - "dependencies" - "security" # Bundler (Ruby) - package-ecosystem: "bundler" directory: "/" schedule: interval: "daily" labels: - "dependencies" - "security" # Gradle (Java) - package-ecosystem: "gradle" directory: "/" schedule: interval: "daily" labels: - "dependencies" - "security" # Maven (Java) - package-ecosystem: "maven" directory: "/" schedule: interval: "daily" labels: - "dependencies" - "security" # Go modules - package-ecosystem: "gomod" directory: "/" schedule: interval: "daily" labels: - "dependencies" - "security" # Cargo (Rust) - package-ecosystem: "cargo" directory: "/" schedule: interval: "daily" labels: - "dependencies" - "security"