Olivier 'reivilibre c376cdd2ee Configure Dependabot to only update Python dependencies in the lockfile. (#19743) ...

See:
- https://github.com/element-hq/synapse/pull/19742
- https://github.com/element-hq/synapse/pull/19686

(etc)

Documentation
https://docs.github.com/en/code-security/reference/supply-chain-security/dependabot-options-reference#versioning-strategy--

We were considering `lockfile-only` but it sounds like
`increase-if-necessary` would increase the upper bound for us, if we had
one. Let's try it.

---------

Signed-off-by: Olivier 'reivilibre <oliverw@matrix.org>

2026-04-29 18:17:53 +01:00

..

ISSUE_TEMPLATE

Fix outdated Security Disclosure Policy references (#17341)

2024-06-25 15:58:30 +01:00

workflows

Bump the minor-and-patches group across 1 directory with 2 updates (#19710)

2026-04-24 10:35:00 +00:00

CODEOWNERS

More renaming

2023-12-13 15:41:11 +00:00

dependabot.yml

Configure Dependabot to only update Python dependencies in the lockfile. (#19743)

2026-04-29 18:17:53 +01:00

ISSUE_TEMPLATE.md

Fix outdated Security Disclosure Policy references (#17341)

2024-06-25 15:58:30 +01:00

PULL_REQUEST_TEMPLATE.md

Remove newline from final bullet point of PR template (#18419)

2025-05-13 15:14:00 +01:00

SUPPORT.md

Update SUPPORT.md

2019-06-25 12:24:23 +01:00