Skip to content

CloudNStoyan/generate-dependabot-config-from-package-json

BranchesTags

Repository files navigation

@elbaph/generate-dependabot-config-from-package-json

NPM Version NPM License

A CLI for generating dependabot config from package.json

Usage

# Generate .github/dependabot.yml from root level package.json
$ npx @elbaph/generate-dependabot-config-from-package-json

# Generate .github/dependabot.yml from specific package.json
$ npx @elbaph/generate-dependabot-config-from-package-json ./package.json

# Generate .github/dependabot.yml from many package.json files
$ npx @elbaph/generate-dependabot-config-from-package-json ./package.json ./mock-app/package.json

Configuration

The CLI supports many ways to customize the generated dependabot.yml config

Options

help

Show help information and exit.

In the CLI: --help, -h

$ npx @elbaph/generate-dependabot-config-from-package-json --help

version

Print the current version of the CLI and exit.

In the CLI: --version, -v

$ npx @elbaph/generate-dependabot-config-from-package-json --help

labels

Specify your own labels separated by a comma(,) for all pull requests raised by dependabot (default: "dependencies").

In the CLI: --labels

$ npx @elbaph/generate-dependabot-config-from-package-json --labels <label1>
# OR
$ npx @elbaph/generate-dependabot-config-from-package-json --labels <label1,label2>

output

The output path of the generated dependabot.yml config (default: ".github").

In the CLI: --output, -o

$ npx @elbaph/generate-dependabot-config-from-package-json --output <path/to/dependabot/config/folder>

no-major-updates

Disallow dependabot to raise PRs for major semver updates for all dependencies.

In the CLI: --no-major-updates

$ npx @elbaph/generate-dependabot-config-from-package-json --no-major-updates

no-minor-updates

Disallow dependabot to raise PRs for minor semver updates for all dependencies.

In the CLI: --no-minor-updates

$ npx @elbaph/generate-dependabot-config-from-package-json --no-minor-updates

no-patch-updates

Disallow dependabot to raise PRs for patch semver updates for all dependencies.

In the CLI: --no-patch-updates

$ npx @elbaph/generate-dependabot-config-from-package-json --no-patch-updates

separate-security-fixes

Whether or not to separate security fixes into their own 2 groups (default: true)

In the CLI: --separate-security-fixes

$ npx @elbaph/generate-dependabot-config-from-package-json --separate-security-fixes

schedule-interval

Define whether to look for version updates: daily, weekly, or monthly (choices: "daily", "weekly", "monthly").

In the CLI: --schedule-interval

$ npx @elbaph/generate-dependabot-config-from-package-json --schedule-interval <interval>

versioning-strategy

Define how dependabot should edit manifest files (choices: "auto", "increase", "increase-if-necessary", "lockfile-only", "widen").

In the CLI: --versioning-strategy

$ npx @elbaph/generate-dependabot-config-from-package-json --versioning-strategy <strategy>

About

A CLI for generating dependabot config from package.json

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages