From c242ec18dcda6c0a9994b7eb2088a3b52e365c35 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Thu, 9 Apr 2026 09:12:24 +0100 Subject: [PATCH 1/2] update dependabot job Signed-off-by: Simon Davies --- .github/dependabot.yml | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bc11829..955879a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,23 +1,26 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file - version: 2 -updates: +updates: - package-ecosystem: "github-actions" directory: "/" schedule: interval: "daily" time: "03:00" + open-pull-requests-limit: 20 + - package-ecosystem: "cargo" - directories: - - "/" + directories: + - "/src/sandbox/runtime" + - "/src/code-validator/guest" schedule: interval: "daily" time: "03:00" + open-pull-requests-limit: 20 + - package-ecosystem: "npm" - directory: "/src/js-host-api" + directories: + - "/" + - "/src/code-validator/guest" schedule: interval: "daily" time: "03:00" + open-pull-requests-limit: 20 From f82d0845006b43c64f6dcead0985b59c847901a9 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Thu, 9 Apr 2026 13:26:27 +0100 Subject: [PATCH 2/2] fix npm dependabot Signed-off-by: Simon Davies --- .github/dependabot.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 955879a..6c15453 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -24,3 +24,6 @@ updates: interval: "daily" time: "03:00" open-pull-requests-limit: 20 + ignore: + # Build-time symlink to external Cargo checkout — not in the repo + - dependency-name: "@hyperlight/js-host-api"