From 7ff3620f50210b207497b435b95b63ba22782ee6 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Mon, 8 Dec 2025 12:33:25 +0100 Subject: [PATCH] Dependabot/gh-actions: move to bi-weekly schedule :point_right: Important: this is for **version** updates only, not for security updates, which are handled separately and don't depend on this configuration. --- PR 3229 updated the GitHub Actions workflows used in this repo to use "pinned" versions for external action runners to improve workflow security. The current "frequency" is weekly. As these updates are rarely time-sensitive, it should be fine to receive them less frequently. This commit tries to make it so by changing the Dependabot schedule for GitHub Actions to once every two weeks and late in the day when the queue should be mostly empty (as long as it's not a Monday), so the update PR will come in on a more predictable schedule. --- .github/dependabot.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8a7997b3..3b229a53 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,7 +8,8 @@ updates: - package-ecosystem: "github-actions" directory: "/" schedule: - interval: "weekly" + interval: "cron" + cronjob: "10 22 5,20 * *" # At 22:10, every 5th and 20th day of the month. open-pull-requests-limit: 5 commit-message: prefix: "GH Actions:"