jinja/.github/dependabot.yml

version: 2
updates:
  - package-ecosystem: github-actions
    directory: /
    schedule:
      interval: monthly
    ignore:
      # slsa depends on upload/download v3
      - dependency-name: actions/upload-artifact
        versions: '>= 4'
      - dependency-name: actions/download-artifact
        versions: '>= 4'
    groups:
      github-actions:
        patterns:
          - '*'
  - package-ecosystem: pip
    directory: /requirements/
    schedule:
      interval: monthly
    groups:
      python-requirements:
        patterns:
          - '*'