Update dependabot package-ecosystems; set schedule to daily (#2360)

- Update dependabot dependency check to `daily`; it's our only supply chain scanner at the moment - Configure dependabot to alert on security issues - Fix some directory path configurations - Remove ruby - Add Swift - Use `gradle`, not `maven` ecosystem - Add @firezone/engineering to code scanning / security alerting management - Remove Ruby and add Java/Kotlin and Swift to CodeQL <img width="801" alt="Screenshot 2023-10-16 at 5 02 48 PM" src="https://github.com/firezone/firezone/assets/167144/c2b11580-f819-4b9c-b28e-c20d9f24c93e"> Fixes #1687
2026-01-27 10:18:54 +00:00 · 2023-10-17 16:33:44 -07:00
parent c78975a1ed
commit 40616abf84
1 changed files with 24 additions and 17 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,26 +5,22 @@

 version: 2
 updates:
-  - package-ecosystem: "mix" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "mix"
+    directory: "elixir/"
    schedule:
-      interval: "weekly"
+      interval: "daily"
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
-      interval: "weekly"
+      interval: "daily"
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
-      interval: "weekly"
-  - package-ecosystem: "bundler"
-    directory: "/"
-    schedule:
-      interval: "weekly"
+      interval: "daily"
  - package-ecosystem: "cargo"
    directory: "rust/"
    schedule:
-      interval: "weekly"
+      interval: "daily"
    groups:
      otel:
        patterns:
@@ -35,12 +31,23 @@ updates:
          - "tracing-stackdriver"
        update-types:
          - "minor"
-  - package-ecosystem: "maven"
-    directory: "rust/connlib/clients/android"
+  - package-ecosystem: "gradle"
+    directory: "rust/connlib/clients/android/connlib/"
    schedule:
-      interval: "weekly"
-  - package-ecosystem: "maven"
-    directory: "kotlin/"
+      interval: "daily"
+  - package-ecosystem: "gradle"
+    directory: "kotlin/android/"
    schedule:
-      interval: "weekly"
-  # TODO: Apple package ecosystem
+      interval: "daily"
+  - package-ecosystem: "swift"
+    directory: "swift/apple/FirezoneKit/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "npm"
+    directory: "website/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "npm"
+    directory: "elixir/apps/web/assets/"
+    schedule:
+      interval: "daily"