Update dependabot.yml

Apparently, https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem is wrong
Merge pull request #3864 from Growstuff/CloCkWeRX-patch-1
2026-05-26 01:37:39 -04:00 · 2024-09-29 16:37:25 +09:30 · 2024-09-29 16:36:15 +09:30 · 2024-09-29 16:36:02 +09:30 · 2024-09-29 16:32:34 +09:30
8 changed files with 1743 additions and 3302 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -13,3 +13,4 @@ updates:
    interval: daily
    time: "07:00"
  open-pull-requests-limit: 10
+
--- a/.github/workflows/brakeman-analysis.yml
+++ b/.github/workflows/brakeman-analysis.yml
@@ -1,40 +0,0 @@
-# This workflow integrates Brakeman with GitHub's Code Scanning feature
-# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
-
-name: Brakeman Scan
-
-# This section configures the trigger for the workflow. Feel free to customize depending on your convention
-on:
-  pull_request:
-    branches: [ dev ]
-
-jobs:
-  brakeman-scan:
-    name: Brakeman Scan
-    runs-on: ubuntu-latest
-    steps:
-    # Checkout the repository to the GitHub Actions runner
-    - name: Checkout
-      uses: actions/checkout@v4
-
-    # Customize the ruby version depending on your needs
-    - name: Setup Ruby
-      uses: ruby/setup-ruby@v1
-
-    - name: Setup Brakeman
-      env:
-        BRAKEMAN_VERSION: '5.1.1' # SARIF support is provided in Brakeman version 4.10+
-      run: |
-        gem install brakeman --version $BRAKEMAN_VERSION
-
-    # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
-    - name: Scan
-      continue-on-error: true
-      run: |
-        brakeman -f sarif -o output.sarif.json .
-
-    # Upload the SARIF file generated in the previous step
-    - name: Upload SARIF
-      uses: github/codeql-action/upload-sarif@v3
-      with:
-        sarif_file: output.sarif.json
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -72,8 +72,6 @@ jobs:
      #
      # See https://github.com/actions/cache/blob/master/examples.md#node---yarn for details
      #
-      - name: Enable Corepack
-        run: corepack enable
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
--- a/.yarn/install-state.gz
+++ b/.yarn/install-state.gz
--- a/.yarn/releases/yarn-4.5.0.cjs
+++ b/.yarn/releases/yarn-4.5.0.cjs
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -1,3 +0,0 @@
-nodeLinker: node-modules
-
-yarnPath: .yarn/releases/yarn-4.5.0.cjs
--- a/package.json
+++ b/package.json
@@ -27,6 +27,5 @@
  "bugs": {
    "url": "https://github.com/growstuff/growstuff/issues"
  },
-  "homepage": "https://github.com/growstuff/growstuff#readme",
-  "packageManager": "yarn@4.5.0"
+  "homepage": "https://github.com/growstuff/growstuff#readme"
 }
--- a/yarn.lock
+++ b/yarn.lock
Author	SHA1	Message	Date
Daniel O'Connor	092920b5f8	Update dependabot.yml Apparently, https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem is wrong	2024-09-29 16:37:25 +09:30
Daniel O'Connor	b3c0df3bb8	Merge pull request #3864 from Growstuff/CloCkWeRX-patch-1 Update dependabot.yml	2024-09-29 16:36:15 +09:30
Daniel O'Connor	1113fc7c97	Update dependabot.yml	2024-09-29 16:36:02 +09:30
Daniel O'Connor	5e8c1f92d1	Delete .github/workflows/brakeman-analysis.yml	2024-09-29 16:32:34 +09:30