diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..88e8e7d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,69 @@ +version: 2 +updates: + # Python dependencies (pip) + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 10 + reviewers: + - "python-team" + assignees: + - "security-team" + labels: + - "dependencies" + - "python" + - "security" + commit-message: + prefix: "deps" + include: "scope" + # Group related updates + groups: + production-dependencies: + patterns: + - "django*" + - "flask*" + - "fastapi*" + - "sqlalchemy*" + development-dependencies: + patterns: + - "pytest*" + - "black" + - "flake8" + - "mypy" + + # Docker base images + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "weekly" + labels: + - "dependencies" + - "docker" + - "infrastructure" + commit-message: + prefix: "docker" + + # GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + labels: + - "dependencies" + - "github-actions" + commit-message: + prefix: "ci" + + # Poetry (if using Poetry) + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "weekly" + labels: + - "dependencies" + - "poetry" + # Custom configuration for Poetry + versioning-strategy: "lockfile-only" diff --git a/Dockerfile b/Dockerfile index 24c23a0..ba02bc3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,4 @@ -FROM python:3.7-slim - +FROM python:3.8.10 # Add requirements file in the container COPY requirements.txt ./requirements.txt RUN pip install -r requirements.txt @@ -8,4 +7,4 @@ RUN pip install -r requirements.txt COPY main.py ./main.py # Define container entry point (could also work with CMD python main.py) -ENTRYPOINT ["python", "main.py"] \ No newline at end of file +ENTRYPOINT ["python", "main.py"] diff --git a/test.py b/test.py new file mode 100644 index 0000000..e69de29