From de73651e24333c77139ecd02c91a0ef34f0cddc4 Mon Sep 17 00:00:00 2001
From: Christian <33660027+cl77@users.noreply.github.com>
Date: Tue, 26 May 2026 08:28:11 +0000
Subject: [PATCH] chore: refresh managed Dependabot config

---
 .github/dependabot.yml | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 3a46cc6..ef93b26 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -10,6 +10,11 @@ updates:
       interval: "weekly"
       day: "monday"
     open-pull-requests-limit: 5
+    cooldown:
+      default-days: 5
+      semver-major-days: 14
+      semver-minor-days: 7
+      semver-patch-days: 3
     groups:
       security-all:
         applies-to: security-updates
@@ -17,4 +22,16 @@ updates:
       minor-patch:
         applies-to: version-updates
         patterns: ["*"]
-        update-types: ["minor", "patch"]
\ No newline at end of file
+        update-types: ["minor", "patch"]
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    open-pull-requests-limit: 2
+    # github-actions only supports default-days for cooldown; semver-*-days
+    # is rejected by Dependabot (actions tags don't reliably follow semver).
+    cooldown:
+      default-days: 5
+    groups:
+      actions-all:
+        patterns: ["*"]
\ No newline at end of file