Skip to content

Commit

Permalink
Merge pull request DSpace#10243 from tdonohue/update_dependabot
Browse files Browse the repository at this point in the history 
Update dependabot rules for 7.x to ignore incompatible dependencies
  • Loading branch information
@tdonohue
tdonohue authored Jan 17, 2025
2 parents 4edf8b3 + 4176f96 commit 8adf1ac
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -350,6 +350,13 @@ updates:
# Don't try to auto-update any DSpace dependencies
- dependency-name: "org.dspace:*"
- dependency-name: "org.dspace.*:*"
# Last version of errorprone to support JDK 11 is 2.31.0
- dependency-name: "com.google.errorprone:*"
versions: [">=2.32.0"]
# Spring Security 5.8 changes the behavior of CSRF Tokens in a way which is incompatible with DSpace 7
# See https://github.com/DSpace/DSpace/pull/9888#issuecomment-2408165545
- dependency-name: "org.springframework.security:*"
versions: [">=5.8.0"]
# Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
- dependency-name: "*"
update-types: [ "version-update:semver-major" ]

0 comments on commit 8adf1ac

Please sign in to comment.