From 17f70a4d211dddacb402534b63e0f1047b55d444 Mon Sep 17 00:00:00 2001 From: Prajwal Nadig Date: Mon, 13 Jul 2026 20:19:59 +0100 Subject: [PATCH] Group dependabot updates for GHA workflows Currently, Dependabot is configured such that it will open one PR per workflow when a new version is released. For repositories that define multiple workflows, this can be noisy. Dependabot provides the ability to group multiple updates in a package ecosystem into a single PR [1]. This patch updates Dependabot to use a group for the `github-actions` package ecosystem. [1]: https://docs.github.com/en/code-security/tutorials/secure-your-dependencies/optimizing-pr-creation-version-updates#grouping-related-dependencies-together --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5ace4600..f6faee69 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,3 +4,7 @@ updates: directory: "/" schedule: interval: "weekly" + groups: + github-actions: + patterns: + - "*"