Skip to content

Update dependabot.yml to monitor release/* branches#26251

Merged
TravisEz13 merged 4 commits into
masterfrom
copilot/update-dependabot-config
Oct 20, 2025
Merged

Update dependabot.yml to monitor release/* branches#26251
TravisEz13 merged 4 commits into
masterfrom
copilot/update-dependabot-config

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Oct 20, 2025
edited
Loading

Summary

This PR updates the .github/dependabot.yml configuration to enable Dependabot to monitor and create pull requests for dependency updates on both the default branch (master) and all release/* branches.

Changes

Added duplicate configurations for both package ecosystems (github-actions and docker) with the target-branch: "release/*" option. This allows Dependabot to:

  • Continue monitoring the default branch (master) as before
  • Additionally monitor all branches matching the release/* pattern (e.g., release/v7.4, release/v7.5)

Behavior

Dependabot will now:

  • Check for GitHub Actions updates daily on both master and release branches
  • Check for Docker base image updates daily on both master and release branches
  • Create separate pull requests targeting the appropriate branch
  • Apply the CL-BuildPackaging label to all dependency update PRs

Example

When a new version of a GitHub Action is available, Dependabot will create:

  • One PR targeting master with the update
  • Additional PRs targeting each active release/* branch with the same update

This ensures that release branches stay up-to-date with security patches and dependency updates without manual intervention.

Original prompt

update .github/dependabot.yml to work on release/* branches as well as the default branch.

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

@TravisEz13
Update dependabot.yml to work on release/* branches
5c48ca2 
Co-authored-by: TravisEz13 <10873629+TravisEz13@users.noreply.github.com>
Copilot AI changed the title [WIP] Update dependabot configuration for release branches Update dependabot.yml to monitor release/* branches Oct 20, 2025
@TravisEz13 TravisEz13 marked this pull request as ready for review October 20, 2025 18:22
@TravisEz13 TravisEz13 requested review from a team and jshigetomi as code owners October 20, 2025 18:22
Copilot AI review requested due to automatic review settings October 20, 2025 18:22
Copilot AI requested review from TravisEz13 and removed request for Copilot October 20, 2025 18:22
@TravisEz13 TravisEz13 requested a review from Copilot October 20, 2025 18:33
Copilot AI reviewed Oct 20, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR configures Dependabot to monitor dependency updates on both the default branch and all release/* branches by duplicating ecosystem configurations with different target branches.

  • Added duplicate github-actions and docker ecosystem entries with target-branch: "release/*"
  • Enables automated dependency updates for release branches alongside the existing master branch monitoring

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Comment thread .github/dependabot.yml Outdated
Comment thread .github/dependabot.yml Outdated
Comment thread .github/dependabot.yml
Comment thread .github/dependabot.yml Outdated
Comment thread .github/dependabot.yml
TravisEz13 and others added 2 commits October 20, 2025 12:06
@TravisEz13
Apply suggestion from @Copilot
9e4d968 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@TravisEz13
Apply suggestion from @Copilot
8c8334b 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@TravisEz13 TravisEz13 requested a review from Copilot October 20, 2025 19:07
@TravisEz13 TravisEz13 added the CL-Tools Indicates that a PR should be marked as a tools change in the Change Log label Oct 20, 2025
Copilot AI reviewed Oct 20, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Comment thread .github/dependabot.yml
@TravisEz13 TravisEz13 enabled auto-merge (squash) October 20, 2025 22:21
daxian-dbw
daxian-dbw approved these changes Oct 20, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@daxian-dbw daxian-dbw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@TravisEz13 TravisEz13 merged commit 810c1ea into master Oct 20, 2025
35 of 36 checks passed
@daxian-dbw daxian-dbw deleted the copilot/update-dependabot-config branch October 20, 2025 22:23
@microsoft-github-policy-service
Copy link
Copy Markdown
Contributor

microsoft-github-policy-service Bot commented Oct 20, 2025
edited by unfurl-links Bot
Loading

📣 Hey @@Copilot, how did we do? We would love to hear your feedback with the link below! 🗣️

🔗 https://aka.ms/PSRepoFeedback

adityapatwardhan
adityapatwardhan reviewed Oct 20, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@adityapatwardhan adityapatwardhan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

SIRMARGIN pushed a commit to SIRMARGIN/PowerShell that referenced this pull request Dec 12, 2025
@TravisEz13
@SIRMARGIN
Update dependabot.yml to monitor release/* branches (PowerShell#26251)
b066be5 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: TravisEz13 <10873629+TravisEz13@users.noreply.github.com>
Co-authored-by: Travis Plunk <travis.plunk@microsoft.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
kilasuit pushed a commit to kilasuit/PowerShell that referenced this pull request Jan 2, 2026
@TravisEz13
@kilasuit
Update dependabot.yml to monitor release/* branches (PowerShell#26251)
607958b 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: TravisEz13 <10873629+TravisEz13@users.noreply.github.com>
Co-authored-by: Travis Plunk <travis.plunk@microsoft.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adityapatwardhan adityapatwardhan adityapatwardhan left review comments

Copilot code review Copilot Copilot left review comments

@daxian-dbw daxian-dbw daxian-dbw approved these changes

@jshigetomi jshigetomi Awaiting requested review from jshigetomi jshigetomi is a code owner

@TravisEz13 TravisEz13 Awaiting requested review from TravisEz13

Assignees

@TravisEz13 TravisEz13

Copilot code review Copilot

Labels

CL-Tools Indicates that a PR should be marked as a tools change in the Change Log

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@daxian-dbw @TravisEz13 @adityapatwardhan