From 8237844f81791b7157bd97ded3d4d75b452f56fa Mon Sep 17 00:00:00 2001 From: kpj2006 <24ucs074@lnmiit.ac.in> Date: Thu, 25 Dec 2025 06:42:01 +0530 Subject: [PATCH 1/6] add dependabot --- .github/CODEOWNERS | 0 .github/dependabot.yml | 274 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 274 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/dependabot.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..e69de29 diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..d06af4e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,274 @@ +# See help here: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/enabling-and-disabling-version-updates + +version: 2 +updates: + # Enable version updates for npm + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "npm" + commit-message: + prefix: "chore(deps)" + include: "scope" + pull-request-branch-name: + separator: "/" + + # Enable version updates for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "github-actions" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Docker + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "docker" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for pip (Python) + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "python" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for bundler (Ruby) + - package-ecosystem: "bundler" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Cargo (Rust) + - package-ecosystem: "cargo" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Maven (Java) + - package-ecosystem: "maven" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Gradle (Java) + - package-ecosystem: "gradle" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Composer (PHP) + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Go modules + - package-ecosystem: "gomod" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Poetry (Python AI/ML projects) + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "python" + - "ai-ml" + commit-message: + prefix: "chore(deps)" + include: "scope" + ignore: + # Ignore major version updates for ML frameworks to prevent breaking changes + - dependency-name: "tensorflow" + update-types: ["version-update:semver-major"] + - dependency-name: "torch" + update-types: ["version-update:semver-major"] + - dependency-name: "scikit-learn" + update-types: ["version-update:semver-major"] + + # Enable version updates for Terraform (Infrastructure) + - package-ecosystem: "terraform" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "infrastructure" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for Pub (Dart/Flutter - Blockchain DApps) + - package-ecosystem: "pub" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "flutter" + commit-message: + prefix: "chore(deps)" + include: "scope" + + # Enable version updates for NuGet (.NET - Blockchain projects) + - package-ecosystem: "nuget" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + reviewers: + - "AOSSIE-Org/maintainers" + assignees: + - "AOSSIE-Org/maintainers" + labels: + - "dependencies" + - "dotnet" + commit-message: + prefix: "chore(deps)" + include: "scope" From 5e516bdee99ebd39a387d7e0f9540fad0f1dce1f Mon Sep 17 00:00:00 2001 From: kpj2006 <24ucs074@lnmiit.ac.in> Date: Thu, 25 Dec 2025 07:23:16 +0530 Subject: [PATCH 2/6] remove duplicate --- .github/dependabot.yml | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d06af4e..1858f61 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -61,25 +61,6 @@ updates: prefix: "chore(deps)" include: "scope" - # Enable version updates for pip (Python) - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "weekly" - day: "monday" - time: "09:00" - open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" - labels: - - "dependencies" - - "python" - commit-message: - prefix: "chore(deps)" - include: "scope" - # Enable version updates for bundler (Ruby) - package-ecosystem: "bundler" directory: "/" From e595daf5b4be75fb835d42f8b7af2c7221d1f3d2 Mon Sep 17 00:00:00 2001 From: kpj2006 <24ucs074@lnmiit.ac.in> Date: Thu, 25 Dec 2025 07:37:18 +0530 Subject: [PATCH 3/6] left --- .github/CODEOWNERS | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e69de29..40dd54f 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -0,0 +1,5 @@ +# Default code owners for this repository. +# TEMPLATE PLACEHOLDER: +# Replace the owners below with your org/user/team. + +* @kpj2006 @Zahnentferner \ No newline at end of file From 63de15ed2d66d9d18653a3691c9b576c0465893f Mon Sep 17 00:00:00 2001 From: kpj2006 <24ucs074@lnmiit.ac.in> Date: Fri, 20 Feb 2026 12:57:35 +0530 Subject: [PATCH 4/6] Delete .github/CODEOWNERS --- .github/CODEOWNERS | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index 40dd54f..0000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,5 +0,0 @@ -# Default code owners for this repository. -# TEMPLATE PLACEHOLDER: -# Replace the owners below with your org/user/team. - -* @kpj2006 @Zahnentferner \ No newline at end of file From 8c889d7b4b2dc3e81b0a668243f1a2703dd085a8 Mon Sep 17 00:00:00 2001 From: kpj2006 <24ucs074@lnmiit.ac.in> Date: Sat, 21 Feb 2026 00:51:01 +0530 Subject: [PATCH 5/6] refine dependabot without review --- .github/dependabot.yml | 156 +++++++++++++++++++---------------------- 1 file changed, 71 insertions(+), 85 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1858f61..205fb34 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,40 +1,53 @@ # See help here: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/enabling-and-disabling-version-updates +# Dependabot Configuration for Multi-Domain Projects +# Documentation: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +# ============================================================================ +# CUSTOMIZATION GUIDE +# ============================================================================ +# 1. Remove package ecosystems not used in your project (e.g., if no Java, remove maven & gradle) +# 2. Update "directory" if dependencies are in subdirectories (e.g., "/backend", "/frontend") +# 3. Adjust "schedule" timing based on your team's workflow +# 4. Set "open-pull-requests-limit" based on your review capacity (default: 5) +# 5. Add reviewers/assignees if needed: +# reviewers: +# - "username" # Individual GitHub user +# - "org/team-name" # Organization team +# assignees: +# - "username" +# 6. Customize labels to match your project's labeling system +# 7. Use "ignore" to exclude specific dependencies or update types +# 8. For monorepos, duplicate sections with different "directory" values +# ============================================================================ version: 2 updates: - # Enable version updates for npm + # NPM - JavaScript/Node.js projects + # Remove this section if your project doesn't use npm - package-ecosystem: "npm" - directory: "/" + directory: "/" # Change to "/frontend" or "/backend" for monorepos schedule: - interval: "weekly" - day: "monday" - time: "09:00" - open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" + interval: "weekly" # Options: daily, weekly, monthly + day: "monday" # For weekly: monday-sunday + time: "09:00" # UTC time + open-pull-requests-limit: 5 # Max PRs to keep open labels: - "dependencies" - "npm" commit-message: - prefix: "chore(deps)" + prefix: "chore(deps)" # Follows conventional commits include: "scope" pull-request-branch-name: - separator: "/" + separator: "/" # Creates branches like: dependabot/npm/package-name - # Enable version updates for GitHub Actions + # GitHub Actions - Keep workflows up to date (recommended for all projects) - package-ecosystem: "github-actions" - directory: "/" + directory: "/" # Scans .github/workflows/ schedule: interval: "weekly" day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" - "github-actions" @@ -42,18 +55,15 @@ updates: prefix: "chore(deps)" include: "scope" - # Enable version updates for Docker + # Docker - Containerized applications + # Remove this section if your project doesn't use Docker - package-ecosystem: "docker" - directory: "/" + directory: "/" # Directory containing Dockerfile schedule: interval: "weekly" day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" - "docker" @@ -61,7 +71,8 @@ updates: prefix: "chore(deps)" include: "scope" - # Enable version updates for bundler (Ruby) + # Bundler - Ruby projects + # Remove this section if your project doesn't use Ruby - package-ecosystem: "bundler" directory: "/" schedule: @@ -69,17 +80,15 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" + - "ruby" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for Cargo (Rust) + # Cargo - Rust projects + # Remove this section if your project doesn't use Rust - package-ecosystem: "cargo" directory: "/" schedule: @@ -87,17 +96,15 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" + - "rust" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for Maven (Java) + # Maven - Java projects + # Remove this section if your project uses Gradle instead or doesn't use Java - package-ecosystem: "maven" directory: "/" schedule: @@ -105,17 +112,15 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" + - "java" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for Gradle (Java) + # Gradle - Java/Kotlin/Android projects + # Remove this section if your project uses Maven instead or doesn't use Java/Kotlin - package-ecosystem: "gradle" directory: "/" schedule: @@ -123,17 +128,15 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" + - "java" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for Composer (PHP) + # Composer - PHP projects + # Remove this section if your project doesn't use PHP - package-ecosystem: "composer" directory: "/" schedule: @@ -141,17 +144,15 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" + - "php" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for Go modules + # Go Modules - Go projects + # Remove this section if your project doesn't use Go - package-ecosystem: "gomod" directory: "/" schedule: @@ -159,56 +160,46 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" + - "go" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for Poetry (Python AI/ML projects) + # Pip - Python projects (supports pip, pipenv, poetry) + # Remove this section if your project doesn't use Python - package-ecosystem: "pip" - directory: "/" + directory: "/" # Directory containing requirements.txt, Pipfile, or pyproject.toml schedule: interval: "weekly" day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" - "python" - - "ai-ml" commit-message: prefix: "chore(deps)" include: "scope" - ignore: - # Ignore major version updates for ML frameworks to prevent breaking changes - - dependency-name: "tensorflow" - update-types: ["version-update:semver-major"] - - dependency-name: "torch" - update-types: ["version-update:semver-major"] - - dependency-name: "scikit-learn" - update-types: ["version-update:semver-major"] + # Uncomment and customize for AI/ML projects to prevent breaking changes: + # ignore: + # - dependency-name: "tensorflow" + # update-types: ["version-update:semver-major"] + # - dependency-name: "torch" + # update-types: ["version-update:semver-major"] + # - dependency-name: "scikit-learn" + # update-types: ["version-update:semver-major"] - # Enable version updates for Terraform (Infrastructure) + # Terraform - Infrastructure as Code + # Remove this section if your project doesn't use Terraform - package-ecosystem: "terraform" - directory: "/" + directory: "/" # Directory containing .tf files schedule: interval: "weekly" day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" - "infrastructure" @@ -216,7 +207,8 @@ updates: prefix: "chore(deps)" include: "scope" - # Enable version updates for Pub (Dart/Flutter - Blockchain DApps) + # Pub - Dart/Flutter projects + # Remove this section if your project doesn't use Dart/Flutter - package-ecosystem: "pub" directory: "/" schedule: @@ -224,18 +216,16 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" - "flutter" + - "dart" commit-message: prefix: "chore(deps)" include: "scope" - # Enable version updates for NuGet (.NET - Blockchain projects) + # NuGet - .NET projects (C#, F#, VB.NET) + # Remove this section if your project doesn't use .NET - package-ecosystem: "nuget" directory: "/" schedule: @@ -243,10 +233,6 @@ updates: day: "monday" time: "09:00" open-pull-requests-limit: 5 - reviewers: - - "AOSSIE-Org/maintainers" - assignees: - - "AOSSIE-Org/maintainers" labels: - "dependencies" - "dotnet" From 524ed84d52629ff8f300e9cd7584b086a2f41b90 Mon Sep 17 00:00:00 2001 From: kpj2006 <24ucs074@lnmiit.ac.in> Date: Sat, 21 Feb 2026 01:43:42 +0530 Subject: [PATCH 6/6] use -instead of / for better readbility --- .github/dependabot.yml | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 205fb34..af82e93 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,4 +1,3 @@ -# See help here: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/enabling-and-disabling-version-updates # Dependabot Configuration for Multi-Domain Projects # Documentation: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file @@ -38,7 +37,7 @@ updates: prefix: "chore(deps)" # Follows conventional commits include: "scope" pull-request-branch-name: - separator: "/" # Creates branches like: dependabot/npm/package-name + separator: "-" # Creates branches like: dependabot/npm-package-name # GitHub Actions - Keep workflows up to date (recommended for all projects) - package-ecosystem: "github-actions" @@ -54,6 +53,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Docker - Containerized applications # Remove this section if your project doesn't use Docker @@ -70,6 +71,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Bundler - Ruby projects # Remove this section if your project doesn't use Ruby @@ -86,6 +89,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Cargo - Rust projects # Remove this section if your project doesn't use Rust @@ -102,6 +107,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Maven - Java projects # Remove this section if your project uses Gradle instead or doesn't use Java @@ -118,6 +125,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Gradle - Java/Kotlin/Android projects # Remove this section if your project uses Maven instead or doesn't use Java/Kotlin @@ -134,6 +143,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Composer - PHP projects # Remove this section if your project doesn't use PHP @@ -150,6 +161,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Go Modules - Go projects # Remove this section if your project doesn't use Go @@ -166,6 +179,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Pip - Python projects (supports pip, pipenv, poetry) # Remove this section if your project doesn't use Python @@ -182,6 +197,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Uncomment and customize for AI/ML projects to prevent breaking changes: # ignore: # - dependency-name: "tensorflow" @@ -206,6 +223,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # Pub - Dart/Flutter projects # Remove this section if your project doesn't use Dart/Flutter @@ -223,6 +242,8 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-" # NuGet - .NET projects (C#, F#, VB.NET) # Remove this section if your project doesn't use .NET @@ -239,3 +260,5 @@ updates: commit-message: prefix: "chore(deps)" include: "scope" + pull-request-branch-name: + separator: "-"