Dependabot Options

_module.args

Additional arguments passed to each module in addition to ones like lib, config, and pkgs, modulesPath. This option is also available to all submodules. Submodules do not inherit args from their parent module, nor do they provide args to their parent module or sibling submodules. The sole exception to this is the argument name which is provided by parent modules to a submodule and contains the attribute name the submodule is bound to, or a unique generated name if it is not bound to an attribute. Some arguments are already passed by default, of which the following cannot be changed with this option: lib: The nixpkgs library. config: The results of all options after merging the values from all modules together. options: The options declared in all modules. specialArgs: The specialArgs argument passed to evalModules. All attributes of specialArgs Whereas option values can generally depend on other option values thanks to laziness, this does not apply to imports, which must be computed statically before anything else. For this reason, callers of the module system can provide specialArgs which are available during import resolution. For NixOS, specialArgs includes modulesPath, which allows you to import extra modules from the nixpkgs package tree without having to somehow make the module aware of the location of the nixpkgs or NixOS directories. { modulesPath, ... }: { imports = [ (modulesPath + "/profiles/minimal.nix") ]; } For NixOS, the default value for this option includes at least this argument: pkgs: The nixpkgs package set according to the option.

type

lazy attribute set of raw value

gh-dependabot

Github dependabot configurations

gh-dependabot.<packager>."<directory>".interval = "<interval>";

See github documentations of package-ecosystem directory and interval

type

attribute set of attribute set of submodule

example

{
  gh-dependabot = {
    npm = true;
    pip = {
      "/" = {
        interval = "weekly";
      };
    };
  };
}

default

{
  gh-dependabot = {};
}

gh-dependabot.<name>.<name>.allow

Customize which dependencies are updated, see dependabot docs

type

null or submodule

example

{
  gh-dependabot.<name>.<name>.allow = {
    development = [
      "sphinix"
    ];
    production = true;
  };
}

default

{
  gh-dependabot.<name>.<name>.allow = null;
}

gh-dependabot.<name>.<name>.allow.all

All explicit and direct dependencies

type

non-empty list of non-empty string or boolean

example

{
  gh-dependabot.<name>.<name>.allow.all = [
    "express"
  ];
}

default

{
  gh-dependabot.<name>.<name>.allow.all = false;
}

gh-dependabot.<name>.<name>.allow.development

Dependencies for development

type

non-empty list of non-empty string or boolean

example

{
  gh-dependabot.<name>.<name>.allow.development = [
    "express"
  ];
}

default

{
  gh-dependabot.<name>.<name>.allow.development = false;
}

gh-dependabot.<name>.<name>.allow.direct

All explicitly defined dependencies

type

non-empty list of non-empty string or boolean

example

{
  gh-dependabot.<name>.<name>.allow.direct = [
    "express"
  ];
}

default

{
  gh-dependabot.<name>.<name>.allow.direct = false;
}

gh-dependabot.<name>.<name>.allow.indirect

Dependencies of dependencies

type

non-empty list of non-empty string or boolean

example

{
  gh-dependabot.<name>.<name>.allow.indirect = [
    "express"
  ];
}

default

{
  gh-dependabot.<name>.<name>.allow.indirect = false;
}

gh-dependabot.<name>.<name>.allow.production

Dependencies for production

type

non-empty list of non-empty string or boolean

example

{
  gh-dependabot.<name>.<name>.allow.production = [
    "express"
  ];
}

default

{
  gh-dependabot.<name>.<name>.allow.production = false;
}

gh-dependabot.<name>.<name>.assignees

Who will be assigned to pull request

type

list of non-empty string

example

{
  gh-dependabot.<name>.<name>.assignees = [
    "jaoooooo"
  ];
}

default

{
  gh-dependabot.<name>.<name>.assignees = [];
}

gh-dependabot.<name>.<name>.auto-rebase

Disable auto rebase (enabled by default) see github documentations

type

null or boolean

example

{
  gh-dependabot.<name>.<name>.auto-rebase = false;
}

default

{
  gh-dependabot.<name>.<name>.auto-rebase = null;
}

gh-dependabot.<name>.<name>.commit

Customize commit message prefix, see dependabot docs

type

null or submodule

example

{
  gh-dependabot.<name>.<name>.commit = {
    prefix = "RED-ALERT";
    prefix-dev = "warn";
    scope = true;
  };
}

default

{
  gh-dependabot.<name>.<name>.commit = null;
}

gh-dependabot.<name>.<name>.commit.dev-prefix

Prefix of commit message for development dependencies

type

null or non-empty string

example

{
  gh-dependabot.<name>.<name>.commit.dev-prefix = "warn";
}

default

{
  gh-dependabot.<name>.<name>.commit.dev-prefix = null;
}

gh-dependabot.<name>.<name>.commit.prefix

Prefix of commit message

type

non-empty string

example

{
  gh-dependabot.<name>.<name>.commit.prefix = "RED-ALERT";
}

gh-dependabot.<name>.<name>.commit.scope

If commit message should be contain scope

type

boolean

example

{
  gh-dependabot.<name>.<name>.commit.scope = true;
}

default

{
  gh-dependabot.<name>.<name>.commit.scope = false;
}

gh-dependabot.<name>.<name>.day

Day of week for weekly run (null is monday)

type

null or one of "monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"

example

{
  gh-dependabot.<name>.<name>.day = "friday";
}

default

{
  gh-dependabot.<name>.<name>.day = null;
}

gh-dependabot.<name>.<name>.ignore

Customize which dependencies are ignored, see dependabot docs

type

attribute set of submodule or boolean

example

{
  gh-dependabot.<name>.<name>.ignore = {
    django = {
      major = true;
      minor = true;
      patch = true;
    };
    express = true;
    sphinix = {
      versions = [
        "4.x"
        "5.x"
      ];
    };
  };
}

default

{
  gh-dependabot.<name>.<name>.ignore = {};
}

gh-dependabot.<name>.<name>.insecure-external-code-execution

Deny or allow external code execution, see github documentations

type

null or boolean

example

{
  gh-dependabot.<name>.<name>.insecure-external-code-execution = true;
}

default

{
  gh-dependabot.<name>.<name>.insecure-external-code-execution = null;
}

gh-dependabot.<name>.<name>.interval

Periodicity of check: daily weekly monthly

type

one of "daily", "weekly", "monthly"

example

{
  gh-dependabot.<name>.<name>.interval = "monthly";
}

default

{
  gh-dependabot.<name>.<name>.interval = "weekly";
}

gh-dependabot.<name>.<name>.labels

Labels to be added in pull request see github documentations

type

list of non-empty string

example

{
  gh-dependabot.<name>.<name>.labels = [
    "depencencies"
  ];
}

default

{
  gh-dependabot.<name>.<name>.labels = [];
}

gh-dependabot.<name>.<name>.limit

Maximum open pull requests before next update see github documentations

type

null or signed integer

example

{
  gh-dependabot.<name>.<name>.limit = 5;
}

default

{
  gh-dependabot.<name>.<name>.limit = null;
}

gh-dependabot.<name>.<name>.milestoneId

Id of milestone associated with see github documentations

type

null or signed integer

example

{
  gh-dependabot.<name>.<name>.milestoneId = 4;
}

default

{
  gh-dependabot.<name>.<name>.milestoneId = null;
}

gh-dependabot.<name>.<name>.reviewers

List of developers to review see github documentations

type

list of non-empty string

example

{
  gh-dependabot.<name>.<name>.reviewers = [
    "your-user-name"
    "your-org/some-team"
  ];
}

default

{
  gh-dependabot.<name>.<name>.reviewers = [];
}

gh-dependabot.<name>.<name>.separator

branch name separator see github documentations

type

null or non-empty string

example

{
  gh-dependabot.<name>.<name>.separator = "-";
}

default

{
  gh-dependabot.<name>.<name>.separator = null;
}

gh-dependabot.<name>.<name>.target-branch

Branch to be target see github documentations

type

null or non-empty string

example

{
  gh-dependabot.<name>.<name>.target-branch = "your-main-branch";
}

default

{
  gh-dependabot.<name>.<name>.target-branch = null;
}

gh-dependabot.<name>.<name>.time

Time of day to check for updates (format: hh:mm)

type

null or string matching the pattern [0-2][0-9]:[0-5][0-9]

example

{
  gh-dependabot.<name>.<name>.time = "16:25";
}

default

{
  gh-dependabot.<name>.<name>.time = null;
}

gh-dependabot.<name>.<name>.timezone

Specify an time zone, time zone identifier is defined by iana

type

null or non-empty string

example

{
  gh-dependabot.<name>.<name>.timezone = "Asia/Tokyo";
}

default

{
  gh-dependabot.<name>.<name>.timezone = null;
}

gh-dependabot.<name>.<name>.vendor

tell Dependabot to vendor dependencies see github documentations

type

boolean

example

{
  gh-dependabot.<name>.<name>.vendor = true;
}

default

{
  gh-dependabot.<name>.<name>.vendor = false;
}

gh-dependabot.<name>.<name>.versioning-strategy

Dependabot versioning strategy see github documentations

type

null or one of "lockfile-only", "auto", "widen", "increase", "increase-if-necessary"

example

{
  gh-dependabot.<name>.<name>.versioning-strategy = "auto";
}

default

{
  gh-dependabot.<name>.<name>.versioning-strategy = null;
}

gh-dependabot-registry

Disable auto rebase (enabled by default) see github documentations

type

attribute set of submodule

example

{
  gh-dependabot-registry = {
    maven-github = {
      secret-name = "MY_ARTIFACTORY_PASSWORD";
      type = "maven-repository";
      url = "https://maven.pkg.github.com/your-org";
      username = "your-repo-login";
    };
  };
}

default

{
  gh-dependabot-registry = {};
}

gh-dependabot-registry.<name>.organization

organization name of login in registry

type

null or non-empty string

example

{
  gh-dependabot-registry.<name>.organization = "your-org";
}

default

{
  gh-dependabot-registry.<name>.organization = null;
}

gh-dependabot-registry.<name>.replaces-base

replaces base url

type

boolean

example

{
  gh-dependabot-registry.<name>.replaces-base = true;
}

default

{
  gh-dependabot-registry.<name>.replaces-base = false;
}

gh-dependabot-registry.<name>.secret-name-key

gitub sercret name of key to access registry

type

null or non-empty string

example

{
  gh-dependabot-registry.<name>.secret-name-key = "MY_ARTIFACTORY_KEY";
}

default

{
  gh-dependabot-registry.<name>.secret-name-key = null;
}

gh-dependabot-registry.<name>.secret-name-pass

gitub sercret name of password to access registry

type

null or non-empty string

example

{
  gh-dependabot-registry.<name>.secret-name-pass = "MY_ARTIFACTORY_PASSWORD";
}

default

{
  gh-dependabot-registry.<name>.secret-name-pass = null;
}

gh-dependabot-registry.<name>.secret-name-token

gitub sercret name of token to access registry

type

null or non-empty string

example

{
  gh-dependabot-registry.<name>.secret-name-token = "MY_ARTIFACTORY_TOKEN";
}

default

{
  gh-dependabot-registry.<name>.secret-name-token = null;
}

gh-dependabot-registry.<name>.type

type of registry

type

non-empty string

example

{
  gh-dependabot-registry.<name>.type = "maven-repository";
}

gh-dependabot-registry.<name>.url

url of registry

type

null or non-empty string

example

{
  gh-dependabot-registry.<name>.url = "https://maven.pkg.github.com/your-org";
}

default

{
  gh-dependabot-registry.<name>.url = null;
}

gh-dependabot-registry.<name>.username

username of registry

type

null or non-empty string

example

{
  gh-dependabot-registry.<name>.username = "your-repo-login";
}

default

{
  gh-dependabot-registry.<name>.username = null;
}