PRs that only target package.json file #3184
Labels
Comments
|
Here's the current docs: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy But it sounds like what you're actually looking for is to limit updates to only the direct deps and not the indirect / transient deps... for that you want the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
First of all thank you for the great work.
I do find the documentation especially on Versioning strategy not being clear. Apart from lockfile and auto, the rest are not well explained.
I am intrested currently in raising PRs only when updates affect the package.json file as opposed to the lockfile. I dont know if i missed something and such exists but if not it would be a nice addition.
Is it possible to achieve that?
The text was updated successfully, but these errors were encountered: