zeroclaw/.github
Alex Gorevski 72207e3722
ci(dependabot): add Docker ecosystem monitoring (#633)

Problem: The Dependabot configuration monitors Cargo and GitHub Actions
dependencies but does not track Docker base image updates. Stale base
images in the Dockerfile can accumulate unpatched vulnerabilities.

Solution: Add a Docker package-ecosystem entry to dependabot.yml that
proposes weekly base image updates, grouped by minor/patch, with a
3-PR concurrency limit. Labels (ci, dependencies) match the existing
GitHub Actions ecosystem entry for consistent triage routing.

Testing: Validated YAML syntax. Dependabot will activate automatically
on the next scheduled scan after merge.

Ref: zeroclaw-labs/zeroclaw#618 (item 1 — Dependency Update Automation)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-17 15:11:31 -05:00
codeql Standardize security workflow and enhance CodeQL analysis (#479) 2026-02-17 00:10:46 -05:00
ISSUE_TEMPLATE fix(templates): quote Yes/No dropdown options in feature_request.yml (#575) 2026-02-17 13:31:12 -05:00
workflows feat(ci): add integration/E2E test stage with mock provider (#636) 2026-02-17 15:11:05 -05:00
actionlint.yaml fix(actionlint): adjust indentation for self-hosted runner labels 2026-02-16 17:59:32 -05:00
CODEOWNERS chore: update CODEOWNERS for memory, docs and CI governance 2026-02-18 00:56:55 +08:00
dependabot.yml ci(dependabot): add Docker ecosystem monitoring (#633) 2026-02-17 15:11:31 -05:00
label-policy.json ci(workflows): consolidate policy and rust workflow setup (#564) 2026-02-17 11:35:20 -05:00
labeler.yml docs: strengthen collaboration governance and AGENTS engineering protocol (#263) 2026-02-16 05:59:04 -05:00
pull_request_template.md chore(labeler): normalize module labels and backfill contributor tiers (#462) 2026-02-17 08:25:50 -05:00