Create dependabot.yml

[tjorim]

Frenck's add-on linter has been updated to support #11 but there is no PR for the new release opened.
I noticed this repo (unlike others in this project) does not have dependabot enabled to update github actions.

[coderabbitai]

Walkthrough

Walkthrough

This pull request introduces a new configuration file for Dependabot, targeting both GitHub Actions and devcontainers. The configuration automates dependency updates, scheduling them weekly at 06:00, with a maximum of 10 open pull requests allowed at any time. Each update is tagged for easy identification. This change aims to keep the project dependencies fresh and up-to-date, like a well-watered plant—no one likes a wilting codebase!

Changes

File	Change Summary
.github/dependabot.yml	Added configuration for Dependabot, including version, updates for both devcontainers and GitHub Actions, directory, labels, schedule, and open pull request limit.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Dependabot
    participant GitHub Actions
    participant Devcontainers

    User->>Dependabot: Request dependency update
    Dependabot->>GitHub Actions: Check for updates
    GitHub Actions-->>Dependabot: Return available updates
    Dependabot->>Devcontainers: Check for updates
    Devcontainers-->>Dependabot: Return available updates
    Dependabot->>User: Create pull request for updates
    User->>Dependabot: Review and merge pull request

Loading

And there you have it! Dependabot is now on a weekly mission to keep your dependencies as fresh as a morning bagel—because stale dependencies are just the worst! 🥯

Tip

Announcements

• The review status is no longer posted as a separate comment when there are no actionable or nitpick comments. In such cases, the review status is included in the walkthrough comment.
• We have updated our review workflow to use the Anthropic's Claude family of models. Please share any feedback in the discussion post on our Discord.
• Possibly related PRs: Walkthrough comment now includes a list of potentially related PRs to help you recall past context. Please share any feedback in the discussion post on our Discord.
• Suggested labels: CodeRabbit can now suggest labels by learning from your past PRs in the walkthrough comment. You can also provide custom labeling instructions in the UI or configuration file.
• Possibly related PRs, automatic label suggestions based on past PRs, learnings, and possibly related issues require data opt-in (enabled by default).

---

Recent review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between 450e97e and 0ce100b.

Files selected for processing (1)

• .github/dependabot.yml (1 hunks)

Additional comments not posted (1)

.github/dependabot.yml (1)

1-18: Dependabot configuration looks great! 🌱

The Dependabot configuration follows the recommended practices and covers both devcontainers and GitHub Actions. It's like a well-tended garden, keeping your dependencies fresh and up-to-date. 🌻

Some highlights:

• Uses the latest version of the configuration format. Always stay on the cutting edge! 🚀
• Configures multiple ecosystems in the same file. Efficiency for the win! 🏅
• Applies labels to pull requests for easy identification. No more playing hide-and-seek with your PRs! 🕵️‍♀️
• Limits the number of open pull requests to avoid overwhelming the maintainers. We don't want to drown in a sea of PRs! 🌊
• Uses a reasonable update schedule (weekly) to keep dependencies fresh without being too frequent. It's like watering your plants, but for your codebase! 🌿

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[ludeeus]

Could you extend this so it also covers the devcontianer features as well?

[tjorim]

Sure, do we want them daily or weekly?

[ludeeus]

Weekly should be fine 👌

[ludeeus]

Thanks!