mirror of
https://github.com/modelcontextprotocol/servers.git
synced 2026-04-28 00:35:16 +02:00
4ca2b2626a
Adds dependabot configuration to address npm workspace lockfile issues that caused PR #3021 to fail. The root cause was Dependabot trying to update the same package (glob) to different major versions across workspace directories, creating an inconsistent package-lock.json that fails `npm ci`. Key changes: - Configure npm updates from root directory only (per issue #6346) - Use versioning-strategy: increase for consistent lockfile updates - Explicitly configure security update grouping via applies-to See: - https://github.com/dependabot/dependabot-core/issues/6346 - https://github.com/dependabot/dependabot-core/issues/7157