From c856d71c571678557f2c75ad723f1fcc4cbddd99 Mon Sep 17 00:00:00 2001
From: Violeta Georgieva <violeta.georgieva@broadcom.com>
Date: Wed, 20 Mar 2024 11:42:58 +0200
Subject: [PATCH] Create dependabot configuration

---
 .github/dependabot.yml | 47 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..cb4ea93d4
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,47 @@
+version: 2
+updates:
+- package-ecosystem: gradle
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+  assignees:
+  - violetagg
+  target-branch: "3.4.x"
+  labels:
+  - type/dependency-upgrade
+  ignore:
+  # Don't update Reactor projects
+  - dependency-name: io.projectreactor:*
+  # JSR305 backport is fixed to last version with annotations (3.0.1)
+  - dependency-name: "com.google.code.findbugs:jsr305"
+  # Versions > 4 require JDK11+
+  - dependency-name: org.mockito:mockito-core
+    versions:
+    - "[5.a, 6]"
+  # Versions > 6 require JDK17+
+  - dependency-name: biz.aQute.bnd.builder
+    versions:
+    - "[7.a, 8]"
+  - dependency-name: org.slf4j:*
+    versions:
+    - "[2.a, 3]"
+  - dependency-name: ch.qos.logback:logback-classic
+    versions:
+    - "[1.3.a, 1.6]"
+  # artifactory: don't upgrade to v5
+  - dependency-name: "com.jfrog.artifactory"
+    versions:
+    - ">= 5.0.a"
+  rebase-strategy: disabled
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+      interval: daily
+  open-pull-requests-limit: 10
+  assignees:
+      - violetagg
+  target-branch: "0.2.x"
+  labels:
+      - type/dependency-upgrade
+  rebase-strategy: disabled