# Dependabot configuration
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates

version: 2
updates:
  # Maintain dependencies for npm/pnpm
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
      time: "09:00"
      timezone: "America/New_York"
    open-pull-requests-limit: 10
    reviewers:
      - "pegasusheavy"
    labels:
      - "dependencies"
      - "automated"
    commit-message:
      prefix: "chore(deps)"
    groups:
      # Group minor and patch updates together
      minor-and-patch:
        patterns:
          - "*"
        update-types:
          - "minor"
          - "patch"
      # Keep major updates separate for review
      typescript:
        patterns:
          - "typescript"
          - "@types/*"
      eslint:
        patterns:
          - "eslint"
          - "@typescript-eslint/*"
      vitest:
        patterns:
          - "vitest"
          - "@vitest/*"

  # Maintain dependencies for GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
    open-pull-requests-limit: 5
    reviewers:
      - "pegasusheavy"
    labels:
      - "dependencies"
      - "github-actions"
      - "automated"
    commit-message:
      prefix: "chore(ci)"

