Update dependabot.yml

.github/dependabot.yml

@@ -3,9 +3,49 @@
 # Please see the documentation for all configuration options:
 # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 
+
+# Update NPM version 2 for the entire repo on a weekly schedule
 version: 2
 updates:
   - package-ecosystem: "npm" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
+
+
+# using group updates.
+# Any packages matching the pattern @angular* where the highest resolvable
+# version is minor or patch will be grouped together.
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      angular:
+        patterns:
+        - "@angular*"
+        update-types:
+        - "minor"
+        - "patch"
+
+  # Use `ignore` to specify dependencies that should not be updated
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-name: "express"
+        # For Express, ignore all Dependabot updates for version 4 and 5
+        versions: ["4.1.x", "5.x"]
+        # For Lodash, ignore all updates
+      - dependency-name: "cryptography(pip)" #lodash was original text here
+        # For AWS SDK, ignore all patch updates for version updates only
+      - dependency-name: "aws-sdk"
+        update-types: ["version-update:semver-patch"]
+
+