Automated dependabot configuration in GitHub

Example dependabot.yml that contains a configuration block for npm
Pull request created by dependabot for a Terraform provider update

Note! Please treat this script only as an example, it does not support all the supported package ecosystems, yet and serves only as a proof of concept.

Output of update-dependabot.ps1 showing the list of identified components
# This file is auto-generated by .github/scripts/update-dependabot.ps1
version: 2
updates:
- package-ecosystem: "nuget"
directory: "/src/app"
schedule:
interval: "daily"
target-branch: "component-updates"
- package-ecosystem: "docker"
directory: "/src/app/AlwaysOn.GameService"
schedule:
interval: "daily"
target-branch: "component-updates"
- package-ecosystem: "docker"
directory: "/src/app/AlwaysOn.HealthService"
schedule:
interval: "daily"
target-branch: "component-updates"
...
UpdateDependabot GitHub Actions workflow output
Changes are automatically added to the PR
“Files changed” section of PR that contains changes to our dependabot.yml
Dependabot in a GitHub repository

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store