Skip to content

chore: add dependabot cooldown configuration#130

Merged
Anush008 merged 1 commit into
masterfrom
chore/dependabot-cooldown
Jun 23, 2026
Merged

chore: add dependabot cooldown configuration#130
Anush008 merged 1 commit into
masterfrom
chore/dependabot-cooldown

Conversation

@andres-qd

Copy link
Copy Markdown
Contributor

Summary

  • Adds cooldown: default-days: 7 to all Dependabot update entries
  • Delays version updates by 7 days after release to reduce risk of regressions and supply chain attacks
  • Does not affect security updates (those still come immediately)

Ref: https://docs.zizmor.sh/audits/#dependabot-cooldown

@Anush008

Copy link
Copy Markdown
Member

Thank you 🙏

@Anush008 Anush008 merged commit 0d38091 into master Jun 23, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants