-
-
Notifications
You must be signed in to change notification settings - Fork 8.8k
/
dependabot.yml
63 lines (54 loc) · 2.47 KB
/
dependabot.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
- package-ecosystem: "maven"
directory: "/"
schedule:
interval: "daily"
ignore:
# Exclusions in this section have been triaged and determined to be
# permanent. We do not anticipate removing exclusions from this section.
# Provided by Jetty and should be aligned with the version provided by the
# version of Jetty we deliver. See:
# https://github.com/jenkinsci/jenkins/pull/5211
- dependency-name: "jakarta.servlet:jakarta.servlet-api"
# Jetty Maven Plugin and Winstone should be upgraded in lockstep in order
# to keep their corresponding Jetty versions aligned.
- dependency-name: "org.eclipse.jetty:jetty-maven-plugin"
- dependency-name: "org.jenkins-ci:winstone"
# Here lies technical debt. Exclusions in this section have been triaged
# and determined to be temporary. Exclusions should be removed from this
# section once the remaining action items have been completed.
# Contains incompatible API changes and needs compatibility work.
- dependency-name: "jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api"
# Needs significant testing. See:
# https://github.com/jenkinsci/jenkins/pull/5112#issuecomment-744429487
# https://github.com/jenkinsci/jenkins/pull/5116#issuecomment-744526638
- dependency-name: "org.codehaus.groovy:groovy-all"
versions: [">=2.5.0"]
# Consumed by Groovy and should be updated in lockstep with Groovy. See:
# https://github.com/jenkinsci/jenkins/pull/5184
- dependency-name: "org.fusesource.jansi:jansi"
# Contains incompatible API changes and needs compatibility work. See:
# https://github.com/jenkinsci/jenkins/pull/4224
- dependency-name: "org.jfree:jfreechart"
# Starting with 6.x, Spring requires Java 17 at a minimum.
- dependency-name: "org.springframework:spring-framework-bom"
versions: [">=6.0.0"]
# Starting with 6.x, Spring Security requires Java 17 at a minimum.
- dependency-name: "org.springframework.security:spring-security-bom"
versions: [">=6.0.0"]
- package-ecosystem: "maven"
directory: "/"
target-branch: "stable-2.375"
labels:
- "into-lts"
- "needs-justification"
schedule:
interval: "daily"
# Include only security updates and exclude version updates.
open-pull-requests-limit: 0