From 374ab6fe23f9d107a76178e9d58052980905ccd7 Mon Sep 17 00:00:00 2001
From: dforbes09 <115037544+dforbes09@users.noreply.github.com>
Date: Wed, 27 Dec 2023 14:36:51 -0500
Subject: [PATCH] Update dependabot.yml

---
 .github/dependabot.yml | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 3a3cce5..8e37937 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -3,9 +3,49 @@
 # Please see the documentation for all configuration options:
 # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 
+
+# Update NPM version 2 for the entire repo on a weekly schedule
 version: 2
 updates:
   - package-ecosystem: "npm" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
+
+
+# using group updates.
+# Any packages matching the pattern @angular* where the highest resolvable
+# version is minor or patch will be grouped together.
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      angular:
+        patterns:
+        - "@angular*"
+        update-types:
+        - "minor"
+        - "patch"
+
+  # Use `ignore` to specify dependencies that should not be updated
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    ignore:
+      - dependency-name: "express"
+        # For Express, ignore all Dependabot updates for version 4 and 5
+        versions: ["4.1.x", "5.x"]
+        # For Lodash, ignore all updates
+      - dependency-name: "cryptography(pip)" #lodash was original text here
+        # For AWS SDK, ignore all patch updates for version updates only
+      - dependency-name: "aws-sdk"
+        update-types: ["version-update:semver-patch"]
+
+