From 8f2caa28e50b42a06a407ea84ffb15451ec34f93 Mon Sep 17 00:00:00 2001
From: Antti Kaihola <13725+akaihola@users.noreply.github.com>
Date: Mon, 30 Dec 2024 22:14:27 +0200
Subject: [PATCH] ci: disable dependabot version updates

Enforcing newest versions of Darker's dependencies may cause a problem
for those users who like to install Darker in the same environment as
the package they are reformatting. Their package may have an upper
version limit for a dependency, e.g. to prevent an unintended update to
an incompatible major version. If Darker then requires a minimum version
newer than that limit, the installation of Darker will fail.

It's reasonable to keep Dependabot security updates (based on the Github
Advisory Database) enabled, but for the above reasons, Dependabot
version updates should in my opinion be disabled. We should support
oldest possible non-vulnerable versions of our dependencies, and yet in
a fresh environment users will still get the newest versions
automatically installed.

See also #788
---
 .github/dependabot.yml | 9 ---------
 1 file changed, 9 deletions(-)
 delete mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index 7d25a84b5..000000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-version: 2
-updates:
-  - package-ecosystem: "pip"
-    directory: "/"
-    schedule:
-      interval: "daily"
-    ignore:
-      - dependency-name: "black"