Most packages follow semantic versioning to define major.minor.patch versions.
I would like to configure Dependabot to exclude all patch versions and not create PRs.
From the docs it's not completely clear to me how to do this. The example shows the config for specific packages:
# Use `ignore` to specify dependencies that should not be updated
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
ignore:
- dependency-name: "express"
# For Express, ignore all Dependabot updates for version 4 and 5
versions: ["4.x", "5.x"]
# For Lodash, ignore all updates
- dependency-name: "lodash"
# For AWS SDK, ignore all patch updates for version updates only
- dependency-name: "aws-sdk"
update-types: ["version-update:semver-patch"]
How would I exclude all patch versions from being opened as PR?
as jon pointed out, the following config ignores all patch versions:
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-patch"]