Skip to content

Commit 4adf5f8

Browse files
kristiyan-velkovkristiyan-velkov
authored
Merge pull request #10 from kristiyan-velkov/develop
[feat] Enhanced CI/CD Pipeline with Security & AI Code Review
2 parents 61f959d + 2b6aa1e commit 4adf5f8

41 files changed

Lines changed: 8448 additions & 1073 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/GITHUB_ACTIONS.md

Lines changed: 533 additions & 0 deletions
Large diffs are not rendered by default.

.github/SECRETS_AND_VARIABLES.md

Lines changed: 599 additions & 0 deletions
Large diffs are not rendered by default.

.github/dependabot.yml

Lines changed: 85 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,85 @@
1+
# Dependabot configuration for automated dependency updates
2+
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
3+
4+
version: 2
5+
updates:
6+
# Enable version updates for npm dependencies
7+
- package-ecosystem: "npm"
8+
directory: "/"
9+
schedule:
10+
interval: "weekly"
11+
day: "monday"
12+
time: "09:00"
13+
timezone: "UTC"
14+
open-pull-requests-limit: 5
15+
labels:
16+
- "dependencies"
17+
- "npm"
18+
- "automated"
19+
commit-message:
20+
prefix: "chore"
21+
prefix-development: "chore"
22+
include: "scope"
23+
# Group updates for better PR management
24+
groups:
25+
development-dependencies:
26+
dependency-type: "development"
27+
update-types:
28+
- "minor"
29+
- "patch"
30+
production-dependencies:
31+
dependency-type: "production"
32+
update-types:
33+
- "patch"
34+
# Version update strategy
35+
versioning-strategy: increase
36+
# Ignore specific packages if needed
37+
ignore:
38+
# Ignore major version updates for stable packages
39+
- dependency-name: "react"
40+
update-types: ["version-update:semver-major"]
41+
- dependency-name: "react-dom"
42+
update-types: ["version-update:semver-major"]
43+
# Pull request settings
44+
rebase-strategy: "auto"
45+
pull-request-branch-name:
46+
separator: "/"
47+
48+
# Enable version updates for GitHub Actions
49+
- package-ecosystem: "github-actions"
50+
directory: "/"
51+
schedule:
52+
interval: "weekly"
53+
day: "monday"
54+
time: "09:00"
55+
timezone: "UTC"
56+
open-pull-requests-limit: 3
57+
labels:
58+
- "github-actions"
59+
- "dependencies"
60+
- "automated"
61+
commit-message:
62+
prefix: "ci"
63+
include: "scope"
64+
# Group GitHub Actions updates
65+
groups:
66+
github-actions:
67+
patterns:
68+
- "*"
69+
70+
# Enable version updates for Docker
71+
- package-ecosystem: "docker"
72+
directory: "/"
73+
schedule:
74+
interval: "weekly"
75+
day: "monday"
76+
time: "09:00"
77+
timezone: "UTC"
78+
open-pull-requests-limit: 3
79+
labels:
80+
- "docker"
81+
- "dependencies"
82+
- "automated"
83+
commit-message:
84+
prefix: "build"
85+
include: "scope"

0 commit comments

Comments
 (0)