Skip to content

chore: add ai-extensions to dependabot sync#23

Open
brooke-hamilton wants to merge 1 commit into
mainfrom
brooke-hamilton-add-ai-extensions-dependabot-sync
Open

chore: add ai-extensions to dependabot sync#23
brooke-hamilton wants to merge 1 commit into
mainfrom
brooke-hamilton-add-ai-extensions-dependabot-sync

Conversation

@brooke-hamilton

Copy link
Copy Markdown
Member

Summary

Adds radius-project/ai-extensions to the Dependabot section of .github/sync.yml so a dependabot.yml gets generated for it.

Rationale

ai-extensions was already in the main sync group but was missing from the Dependabot section, so no dependabot.yml was being generated for it.

It is a pnpm monorepo with three package.json manifests: /, /radius-core, and /adapters/canvas. The glob /adapters/* covers canvas plus any future adapter. pnpm is declared under type: npm — Dependabot has no separate pnpm ecosystem and auto-detects pnpm from pnpm-lock.yaml. It also has GitHub Actions workflows, so github-actions is included at the repo root.

Change

  - repos: |
      radius-project/ai-extensions
    files:
      - source: sync-templates/.github/dependabot.yml.njk
        dest: .github/dependabot.yml
        template:
          ecosystems:
            - type: github-actions
            - type: npm
              directories:
                - "/"
                - "/radius-core"
                - "/adapters/*"

Validated that .github/sync.yml still parses as valid YAML.

ai-extensions is a pnpm monorepo with package.json manifests at /, /radius-core, and /adapters/canvas. The /adapters/* glob covers canvas plus future adapters. pnpm is declared under type: npm (Dependabot auto-detects pnpm from pnpm-lock.yaml). github-actions is included for the repo's workflows. ai-extensions was already in the main sync group but missing from the Dependabot section, so no dependabot.yml was being generated for it.

Co-authored-by: Copilot App <[email protected]>
Signed-off-by: Brooke Hamilton <[email protected]>
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@brooke-hamilton brooke-hamilton added the pr:standard Standard pull request label Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

pr:standard Standard pull request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant