chore(ci): disable dependabot and replace with Snyk (#3017)

We are not using dependabot to automatically upgrade our dependencies, instead we will use Snyk to monitor our dependencies and alert us when they need to be upgraded. This should hopefully reduce the noise in our PR process.
2026-03-09 01:36:26 -04:00 · 2023-05-05 14:48:24 -07:00
parent 469dd13349
commit f9de453efc
5 changed files with 1 additions and 118 deletions
--- a/.github/workflows/auto-merge.yml
+++ b/.github/workflows/auto-merge.yml
@@ -1,14 +0,0 @@
-name: auto-merge
-
-on:
-  pull_request:
-
-jobs:
-  auto-merge:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: ahmadnassri/action-dependabot-auto-merge@v2
-        with:
-          # auto-merge rules are in /.github/auto-merge.yml
-          github-token: ${{ secrets.AUTO_MERGE_TOKEN }}
--- a/.github/workflows/check-pr-title.yml
+++ b/.github/workflows/check-pr-title.yml
@@ -9,4 +9,4 @@ jobs:
    steps:
    - uses: deepakputhraya/action-pr-title@master
      with:
-        regex: '^(feat|fix|breaking|build|chore|docs|style|refactor|test)\((kopiaui|cli|ui|repository|snapshots|server|providers|deps|deps-dev|site|ci|infra|general)\)!{0,1}: .*$'
+        regex: '^(\[Snyk\]|(feat|fix|breaking|build|chore|docs|style|refactor|test)\((kopiaui|cli|ui|repository|snapshots|server|providers|deps|deps-dev|site|ci|infra|general)\)!{0,1}:) .*$'