From a8c9468a126596f80a9d8452046cd34a7a2e10a3 Mon Sep 17 00:00:00 2001
From: Jonas Lindenskov Nielsen <jonas.lindenskov@criipto.com>
Date: Tue, 20 May 2025 11:40:36 +0200
Subject: [PATCH] Configure dependbot

This commit adds .github/dependabot.yml to configure github's
automatic vulnerbility reporting tool, such that weekly, prs are
created for dependencies with reported vulnerbilities.
---
 .github/dependabot.yml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..f6a44fdb
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,26 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directories:
+      - "/Bank/*"
+      - "/Signing/*"
+      - "/Verify/*"
+      - "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 0
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+  - package-ecosystem: "dotnet-sdk"
+    directories:
+      - "/Bank/*"
+      - "/Signing/*"
+      - "/Verify/*"
+      - "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 0
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]