From 810383cd2d884fd056d983552348da5c9a0ada7f Mon Sep 17 00:00:00 2001 From: William Cai Date: Mon, 22 Jun 2026 11:53:41 +0800 Subject: [PATCH] chore: drop Dependabot version-update config (security-only policy) Remove .github/dependabot.yml so Dependabot no longer opens weekly version-bump PRs across the Go modules and GitHub Actions. CVE coverage is retained via Dependabot *security* updates, which are controlled by the repo security settings, not this file. --- .github/dependabot.yml | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 94c56a3a..00000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,20 +0,0 @@ -version: 2 -updates: - - package-ecosystem: "gomod" - directory: "/cpdaemon" - schedule: { interval: "weekly" } - - package-ecosystem: "gomod" - directory: "/cpctl" - schedule: { interval: "weekly" } - - package-ecosystem: "gomod" - directory: "/cpgolib" - schedule: { interval: "weekly" } - - package-ecosystem: "gomod" - directory: "/build" - schedule: { interval: "weekly" } - - package-ecosystem: "gomod" - directory: "/cptools/dockerpid" - schedule: { interval: "weekly" } - - package-ecosystem: "github-actions" - directory: "/" - schedule: { interval: "weekly" }