mirror of
https://github.com/modelcontextprotocol/servers.git
synced 2026-02-19 11:54:58 -05:00
4ca2b2626a
Adds dependabot configuration to address npm workspace lockfile issues that caused PR #3021 to fail. The root cause was Dependabot trying to update the same package (glob) to different major versions across workspace directories, creating an inconsistent package-lock.json that fails `npm ci`. Key changes: - Configure npm updates from root directory only (per issue #6346) - Use versioning-strategy: increase for consistent lockfile updates - Explicitly configure security update grouping via applies-to See: - https://github.com/dependabot/dependabot-core/issues/6346 - https://github.com/dependabot/dependabot-core/issues/7157