Using registries in conjunction with insecure-external-code-execution:allow
in the same updates setting
Configuration options for the dependabot.yml file - GitHub Docs
version: 2 registries: ruby-github: type: rubygems-server url: https://rubygems.pkg.github.com/octocat/github_api token: $ dockerhub: type: docker-registry url: registry.hub.docker.com username: octocat password: $ updates:
- package-ecosystem: “bundler”
directory: “/rubygems-server”
insecure-external-code-execution: allow
registries:
- ruby-github # only access to registries associated with this ecosystem/directory
schedule:
interval: “monthly”# Using
registriesin conjunction withinsecure-external-code-execution:allowin the same
updatessetting
- ruby-github # only access to registries associated with this ecosystem/directory
schedule:
interval: “monthly”# Using
version: 2 registries: ruby-github: type: rubygems-server url: https://rubygems.pkg.github.com/octocat/github_api token: $ dockerhub: type: docker-registry url: registry.hub.docker.com username: octocat password: $ updates:
- package-ecosystem: “bundler”
directory: “/rubygems-server”
insecure-external-code-execution: allow
registries:
- ruby-github # only access to registries associated with this ecosystem/directory schedule: interval: “monthly”
version: 2 updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: “github-actions”
Workflow files stored in the default location of
.github/workflows. (You don’t need to specify/.github/workflowsfordirectory. You can usedirectory: "/".)directory: “/” schedule: interval: “weekly”
# Maintain dependencies for npm
- package-ecosystem: “npm” directory: “/” schedule: interval: “weekly”
# Maintain dependencies for Composer
- package-ecosystem: “composer” directory: “/” schedule: interval: “weekly”