Update dependabot.yml

alexdlaird · web-flow · commit 031d3c77b90f · 2025-04-24T09:51:19.000-05:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,11 +1,12 @@
 version: 2
 updates:
-  - package-ecosystem: "pip"
-    # Project not actively developed, so only open security updates: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#open-pull-requests-limit
-    open-pull-requests-limit: 0
-    directory: "/"
-    schedule:
-      interval: "weekly"
-      day: "monday"
-      time: "05:00"
-      timezone: "America/Chicago"
+- package-ecosystem: "pip"
+  directory: "/"
+  schedule:
+    interval: "weekly"
+    day: "monday"
+    time: "05:00"
+    timezone: "America/Chicago"
+# Project not actively developed, so only allow security updates and certain projects
+allow:
+  - dependency-name: "pyngrok"
