From 6d1713807f8a7396bf2ec60d43cad7c0b25816c0 Mon Sep 17 00:00:00 2001
From: Will Harney <62956339+wjhsf@users.noreply.github.com>
Date: Wed, 10 Apr 2024 16:32:31 -0400
Subject: [PATCH] chore: configure dependabot

Run once per week, grouping non-major version changes into a single PR, as they are theoretically non-breaking changes.
---
 .github/dependabot.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000000..bf23ad04e6
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "npm" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    groups:
+      # Non-major version bumps hopefully shouldn't break anything,
+      # so let's group them together into a single PR!
+      theoretically-non-breaking:
+        update-types:
+          - "minor"
+          - "patch"