From d625a1733899b2099afcc105424998df814dafbc Mon Sep 17 00:00:00 2001 From: Jongyoul Lee Date: Mon, 13 Apr 2026 00:03:14 +0900 Subject: [PATCH 1/2] [MINOR] chore(.github): group dependabot security updates by path Configure Dependabot to group security updates for /docs, /zeppelin-web, and /zeppelin-web-angular into separate pull requests. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/dependabot.yml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000000..9c36d913206 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,34 @@ +version: 2 +updates: + - package-ecosystem: "bundler" + directory: "/docs" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + docs-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "npm" + directory: "/zeppelin-web" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + zeppelin-web-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "npm" + directory: "/zeppelin-web-angular" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + zeppelin-web-angular-security-updates: + applies-to: security-updates + patterns: + - "*" From 364d4a6e78e04ea5b8bc3999c333e9158eb09149 Mon Sep 17 00:00:00 2001 From: Jongyoul Lee Date: Mon, 13 Apr 2026 00:10:43 +0900 Subject: [PATCH 2/2] [MINOR] chore(.github): expand dependabot security groups Extend the Dependabot security update grouping config to cover the currently open dependency alert paths and clarify that version updates remain disabled. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/dependabot.yml | 166 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 166 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 9c36d913206..58425fdcbed 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,5 +1,6 @@ version: 2 updates: + # Keep version updates disabled so this config only groups security updates. - package-ecosystem: "bundler" directory: "/docs" schedule: @@ -32,3 +33,168 @@ updates: applies-to: security-updates patterns: - "*" + + - package-ecosystem: "pip" + directory: "/dev" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + dev-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + root-maven-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/alluxio" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + alluxio-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/bigquery" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + bigquery-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/elasticsearch" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + elasticsearch-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/flink/flink-scala-2.12" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + flink-scala-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/livy" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + livy-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/rlang" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + rlang-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/shell" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + shell-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/spark/interpreter" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + spark-interpreter-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/spark/spark-scala-parent" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + spark-scala-parent-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/zeppelin-interpreter" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + zeppelin-interpreter-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/zeppelin-plugins/launcher/docker" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + launcher-docker-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/zeppelin-plugins/launcher/k8s-standard" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + launcher-k8s-standard-security-updates: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "maven" + directory: "/zeppelin-plugins/notebookrepo/s3" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + groups: + notebookrepo-s3-security-updates: + applies-to: security-updates + patterns: + - "*"