-
Notifications
You must be signed in to change notification settings - Fork 1.3k
/
Copy pathdependabot.yml
66 lines (66 loc) · 3.41 KB
/
dependabot.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
version: 2
updates:
- package-ecosystem: "gradle"
open-pull-requests-limit: 6
directory: "/"
schedule:
interval: "daily"
labels:
- "bot: dependencies update"
reviewers:
- "wordpress-mobile/android-developers"
groups:
kotlin-ksp:
applies-to: version-updates
patterns:
- "org.jetbrains.kotlin*"
- "com.google.devtools.ksp*"
exclude-patterns:
- "org.jetbrains.kotlinx*"
ignore:
# The Android Gradle Plugin is a dependency that needs to be in sync with other
# in-house libraries due to compatibility with composite build.
- dependency-name: "com.android.tools.build:gradle"
- dependency-name: "com.android.application"
- dependency-name: "com.android.library"
# Bumping 2.13.3 to the newest version requires lots of changes, including changes to
# Gutenberg. As such, and as agreed, any update is paused. For more details, see
# https://github.com/wordpress-mobile/WordPress-Android/pull/17936#issuecomment-1553227875
- dependency-name: "com.google.android.exoplayer:exoplayer"
# Bumping 2.26.3 to 2.27.2 will break the mocks. For more details, see
# https://github.com/wiremock/wiremock/issues/1345#issuecomment-656060968
- dependency-name: "com.github.tomakehurst:wiremock"
# List of React Native related dependencies that should be explicitly updated alongside a
# React Native upgrade. For more details, see
# https://github.com/wordpress-mobile/WordPress-Android/pull/18494#issuecomment-1566922244
- dependency-name: "com.facebook.react:react-native"
- dependency-name: "com.facebook.react:react-android"
- dependency-name: "com.facebook.react:hermes-engine"
- dependency-name: "com.facebook.react:hermes-android"
- dependency-name: "com.facebook.fresco:fresco"
- dependency-name: "com.facebook.fresco:imagepipeline-okhttp3"
- dependency-name: "com.facebook.fbjni:fbjni"
# Our libraries that are stored in S3 have a custom versioning scheme which doesn't work with
# dependapot.
- dependency-name: "org.wordpress:fluxc"
- dependency-name: "org.wordpress:utils"
- dependency-name: "org.wordpress.gutenberg-mobile:react-native-gutenberg-bridge"
- dependency-name: "org.wordpress:login"
- dependency-name: "com.automattic:stories"
- dependency-name: "com.automattic.stories:mp4compose"
- dependency-name: "com.automattic.stories:photoeditor"
- dependency-name: "org.wordpress:aztec"
- dependency-name: "org.wordpress.aztec:wordpress-shortcodes"
- dependency-name: "org.wordpress.aztec:wordpress-comments"
- dependency-name: "org.wordpress.aztec:glide-loader"
- dependency-name: "org.wordpress.aztec:picasso-loader"
- dependency-name: "com.automattic:about"
- dependency-name: "com.automattic:Automattic-Tracks-Android"
- dependency-name: "com.automattic.tracks:crashlogging"
- dependency-name: "rs.wordpress.api:android"
- dependency-name: "com.gravatar:gravatar"
# Ignore dependencies that were added only to address security vulnerabilities of transitive WireMock dependencies
- dependency-name: "org.eclipse.jetty:jetty-webapp"
- dependency-name: "com.fasterxml.jackson.core:jackson-databind"
- dependency-name: "com.jayway.jsonpath:json-path"
- dependency-name: "commons-fileupload:commons-fileupload"