From 26f1b70f6cf5208b6c14d1f9c7fe68192c1b76e3 Mon Sep 17 00:00:00 2001
From: jrhee17 <guins_j@guins.org>
Date: Tue, 30 Jan 2024 16:13:12 +0900
Subject: [PATCH] Add dependabot configuration for `npm` dependencies (#5378)

Motivation:

The following [PR](https://github.com/line/armeria/pull/5377) attempts
to update the `package-lock.json` file only.
I've read through the following documents, and believe that specifying
the versioning strategy will help update the actual `package.json`
dependencies

Modifications:

- Added a versioning strategy for dependabot
- Specified the interval to monthly so that it is better in-sync with
our release schedule and we don't receive multiple update pull requests

Result:

- Improved dependabot pull requests

<!--
Visit this URL to learn more about how to write a pull request
description:

https://armeria.dev/community/developer-guide#how-to-write-pull-request-description
-->
---
 .github/dependabot.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 60dfffbb13d..b8c0a14eac3 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -29,3 +29,9 @@ updates:
           time: "10:00"
           # Use Korea Standard Time (UTC +09:00)
           timezone: "Asia/Seoul"
+
+    - package-ecosystem: "npm"
+      directory: "/"
+      schedule:
+        interval: "monthly"
+        versioning-strategy: increase