FoundryVTT-Module-Template
FoundryVTT-Module-Template copied to clipboard
Create a Dependabot configuration
Create a Dependabot configuration for NPM/Yarn and GitHub Actions
What’s the point of configuring it for npm/yarn? This is not an npm package.
@ghost91- If a user of the template uses NPM/Yarn, this will tell Dependabot to file PRs for dependency updates.
@ghost91- If a user of the template uses NPM/Yarn, this will tell Dependabot to file PRs for dependency updates.
The thing is: Most users of the template don’t.
As the template itself doesn’t use npm/yarn, I think that’s out of scope. Otherwise, you could also make a case for any other package manager to be included.
The template is intentionally kept simple, so I wouldn't add anything that doesn’t have a direct benefit. I think it’s even debatable if dependabot should be added at all.
Ok, I've removed the NPM/Yarn configuration. Regarding the GitHub Action configuration, the reason I added it is because if there's a security bug or fix in a GitHub Action, it's usually best for the user to update as soon as possible.