Skip to content

🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
MariusStorhaug wants to merge 2 commits into
base: main
Choose a base branch
from
Open

🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown #8

MariusStorhaug wants to merge 2 commits into from
+15 −31

Conversation

@MariusStorhaug
Copy link
Member

@MariusStorhaug MariusStorhaug commented Jan 22, 2026
edited
Loading

Improves dependency management by configuring Dependabot to check daily while preventing excessive update noise through a 7-day cooldown period. This ensures timely security updates while reducing PR churn.

  • Related to PSModule workflow standardization

Dependabot configuration

Changed the update schedule from weekly to daily with a 7-day cooldown period. This provides faster detection of security vulnerabilities while avoiding duplicate PRs for the same dependency within a week.

schedule:
  interval: daily
cooldown:
  default-days: 7

Release configuration cleanup

Removed the deprecated .github/release.yml file as release notes are now managed through the Auto-Release action's automated process.

Action pinning

Pinned all GitHub Actions to specific commit SHAs for improved security and reproducibility:

  • actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd (v6.0.2)
  • actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f (v6.0.0)
  • super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 (v8.3.2)
  • PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 (v1.9.5)
  • PSModule/GitHub-Script@2010983167dc7a41bcd84cb88e698ec18eccb7ca (v1.7.8)

Copilot AI review requested due to automatic review settings January 22, 2026 18:17
Copilot AI reviewed Jan 22, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request aims to configure Dependabot for daily schedule with a 7-day cooldown period. However, the PR includes several additional changes not mentioned in the description: updates to multiple GitHub Actions to version 6.x (which may not exist yet), and the deletion of the .github/release.yml configuration file.

Changes:

  • Modified Dependabot configuration to use daily schedule and added cooldown configuration
  • Updated GitHub Actions versions across multiple workflow files (checkout@v6.0.2, upload-artifact@v6.0.0, super-linter@v8.3.2, Auto-Release@v1.9.5)
  • Deleted .github/release.yml file

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
.github/dependabot.yml Changed schedule from weekly to daily and added cooldown configuration
.github/workflows/Linter.yml Updated actions/checkout to v6.0.2 and super-linter to v8.3.2
.github/workflows/Auto-Release.yml Updated actions/checkout to v6.0.2 and PSModule/Auto-Release to v1.9.5
.github/workflows/Action-Test.yml Updated actions/checkout to v6.0.2 and actions/upload-artifact to v6.0.0 across multiple steps
.github/release.yml Removed release configuration file entirely

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/dependabot.yml
Comment on lines +14 to +16
interval: daily
cooldown:
default-days: 7
Copy link

Copilot AI Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The cooldown configuration option does not exist in Dependabot's configuration schema. As of January 2025, Dependabot does not support a cooldown feature for delaying updates after dependency releases. The valid configuration options for controlling update frequency are schedule.interval (with values like daily, weekly, monthly) and open-pull-requests-limit. Consider removing this unsupported configuration or using alternative approaches like schedule.interval: weekly to achieve a similar effect of less frequent updates.

Suggested change
interval: daily
cooldown:
default-days: 7
interval: weekly

Copilot uses AI. Check for mistakes.
@MariusStorhaug MariusStorhaug changed the title 🩹 Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch] Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹[Patch] Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown 🩹 [Patch] Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹 [Patch] Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug self-assigned this Jan 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 0 approving reviews are required to merge this pull request.

Assignees

@MariusStorhaug MariusStorhaug

Labels

patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MariusStorhaug