Prevent major upgrades for l-mongodb4 and l-slf4j-impl

ppkarwasz · ppkarwasz · commit f398ac538352 · 2024-08-09T14:24:25.000+02:00
We split the Dependabot config, hoping it will not upgrade `l-mongodb4` and `l-mongodb` at the same time.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -108,17 +108,9 @@ updates:
       # WebCompere System Stubs requires Java 11
       - dependency-name: "uk.org.webcompere:*"
         versions: [ "[2.1,)" ]
-      # SLF4J 1.7.x should only upgrade to 1.7.x and
-      # SLF4J 2.x should only upgrade to 2.x.
-      - dependency-name: "org.slf4j:slf4j-api"
-        update-types: [ "version-update:semver-major" ]
       # Plexus Utils 4.x are for Maven 4.x
       - dependency-name: "org.codehaus.plexus:plexus-utils"
         versions: [ "[4,)" ]
-      # MongoDB 3.x should only upgrade to 3.x and
-      # MongoDB 4.x should only upgrade to 4.x
-      - dependency-name: "org.mongodb:*"
-        update-types: [ "version-update:semver-major" ]
       # H2 version 2.3.x requires Java 11
       - dependency-name: "com.h2database:h2"
         versions: [ "[2.3,)" ]
@@ -127,6 +119,24 @@ updates:
       - dependency-name: "org.fusesource.jansi:jansi"
         update-types: [ "version-update:semver-major" ]
 
+  - package-ecosystem: maven
+    directories:
+      - "/log4j-mongodb4"
+      - "/log4j-slf4j-impl"
+    open-pull-requests-limit: 10
+    schedule:
+      interval: "daily"
+    target-branch: "2.x"
+    registries:
+      - maven-central
+    ignore:
+      # MongoDB 4.x should only upgrade to 4.x
+      - dependency-name: "org.mongodb:*"
+        versions: [ "[5,)" ]
+      # SLF4J 1.7.x should only upgrade to 1.7.x and
+      - dependency-name: "org.slf4j:slf4j-api"
+        versions: [ "[1,)" ]
+
   - package-ecosystem: github-actions
     directory: "/"
     schedule:
@@ -158,10 +168,6 @@ updates:
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
       - dependency-name: "org.openrewrite.recipe:*"
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
-      # SLF4J 1.7.x should only upgrade to 1.7.x and
-      # SLF4J 2.x should only upgrade to 2.x.
-      - dependency-name: "org.slf4j:slf4j-api"
-        update-types: [ "version-update:semver-major" ]
       # Plexus Utils 4.x are for Maven 4.x
       - dependency-name: "org.codehaus.plexus:plexus-utils"
         versions: [ "[4,)" ]
@@ -173,6 +179,20 @@ updates:
       - dependency-name: "org.fusesource.jansi:jansi"
         update-types: [ "version-update:semver-major" ]
 
+  - package-ecosystem: maven
+    directories:
+      - "/log4j-slf4j-impl"
+    open-pull-requests-limit: 10
+    schedule:
+      interval: "daily"
+    target-branch: "main"
+    registries:
+      - maven-central
+    ignore:
+      # SLF4J 1.7.x should only upgrade to 1.7.x and
+      - dependency-name: "org.slf4j:slf4j-api"
+        versions: [ "[1,)" ]
+
   - package-ecosystem: github-actions
     directory: "/"
     schedule:
