diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 00dc69828b..ffe967e99c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,9 +1,21 @@ version: 2 updates: + - package-ecosystem: "uv" + directory: "/" + schedule: + interval: monthly + cooldown: + default-days: 14 + groups: + python-packages: + patterns: + - "*" - package-ecosystem: "github-actions" directory: "/" schedule: interval: monthly + cooldown: + default-days: 14 groups: github-actions: patterns: diff --git a/.github/workflows/weekly-lockfile-update.yml b/.github/workflows/weekly-lockfile-update.yml deleted file mode 100644 index ae17795bb9..0000000000 --- a/.github/workflows/weekly-lockfile-update.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: Weekly Lockfile Update - -on: - workflow_dispatch: - schedule: - # Every Thursday at 8:00 UTC - - cron: "0 8 * * 4" - -permissions: - contents: write - pull-requests: write - -jobs: - update-lockfile: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - with: - persist-credentials: false - - - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 - with: - version: 0.9.5 - - - name: Update lockfile - run: | - echo '## Updated Dependencies' > pr_body.md - echo '' >> pr_body.md - echo '```' >> pr_body.md - uv lock --upgrade 2>&1 | tee -a pr_body.md - echo '```' >> pr_body.md - - - name: Create pull request - uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 - with: - commit-message: "chore: update uv.lock with latest dependencies" - sign-commits: true - title: "chore: weekly dependency update" - body-path: pr_body.md - branch: weekly-lockfile-update - delete-branch: true - add-paths: uv.lock - labels: dependencies