The following configuration for dependabot attempted to do two things:
apply the maintenance label to new PRs that it opened (which it did)
exclude the omega theme directory from dependabot security issues (not sure if this was successful or not)
Unfortunately, it also tried to create PRs for non-security version upgrades as well, which was overwhelming. If we can figure out how to achieve those two goals without the side effect, it would probably be useful.
The following configuration for dependabot attempted to do two things:
Unfortunately, it also tried to create PRs for non-security version upgrades as well, which was overwhelming. If we can figure out how to achieve those two goals without the side effect, it would probably be useful.
Old .github/dependabot.yml: