ci: add mkdocs Python deps to dependabot security updates

- same as our other deps, for security updates only - in particular, a scenario I can see possible is if `mkdocs` has an XSS vuln or something that would impact the docs site Signed-off-by: Anton Gilgur <agilgur5@gmail.com>
argoproj · Feb 3, 2024 · 56964e1 · 56964e1
1 parent 23f1eed
commit 56964e1
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -27,6 +27,14 @@ updates:
     open-pull-requests-limit: 0
 
   # build / CI dependencies
+  - package-ecosystem: "pip"
+    directory: "/docs"
+    schedule:
+      interval: "weekly"
+      day: "saturday"
+    # ignore all non-security updates: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit
+    open-pull-requests-limit: 0
+
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule: