mcp-adr-analysis-server

version: 2 updates: # Enable version updates for npm - package-ecosystem: "npm" directory: "/" schedule: interval: "daily" time: "09:00" timezone: "UTC" # Security updates get priority open-pull-requests-limit: 15 # Separate MCP SDK updates for enhanced testing groups: # Critical MCP SDK updates - handled separately with enhanced testing mcp-sdk-updates: patterns: - "@modelcontextprotocol/sdk" update-types: - "major" - "minor" - "patch" # Other production dependencies production-dependencies: patterns: - "@types/*" - "openai" - "zod" - "fast-glob" - "tslib" update-types: - "minor" - "patch" # Development dependencies development-dependencies: patterns: - "jest*" - "ts-jest" - "@types/jest" - "typescript" - "eslint*" - "prettier*" - "tsx" update-types: - "minor" - "patch" # Enhanced commit messages for better tracking commit-message: prefix: "deps" prefix-development: "deps-dev" include: "scope" # Always allow security updates regardless of schedule allow: - dependency-type: "all" # Add labels to make PRs easy to identify labels: - "dependencies" - "security" # Add reviewers for critical dependencies reviewers: - "tosin2013" # Custom PR titles to highlight security updates pull-request-branch-name: separator: "/" # Also check GitHub Actions for security updates - package-ecosystem: "github-actions" directory: "/" schedule: interval: "weekly" day: "monday" time: "09:00" timezone: "UTC" commit-message: prefix: "ci" include: "scope" labels: - "github-actions" - "security"