From 443acf080a91d8c20648838aabfc238ae01d1cb6 Mon Sep 17 00:00:00 2001
From: ObserverOfTime <chronobserver@disroot.org>
Date: Sun, 28 Sep 2025 10:16:23 +0300
Subject: [PATCH] ci(dependabot): enable cooldown period

This setting will delay package updates by 3 days which generally
should be enough time for supply chain attacks to be discovered
---
 .github/dependabot.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 1466f049..b338f1a5 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,6 +4,8 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+    cooldown:
+      default-days: 3
     commit-message:
       prefix: "build(deps)"
     labels:
@@ -16,6 +18,8 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
+    cooldown:
+      default-days: 3
     commit-message:
       prefix: "ci"
     labels:
@@ -31,6 +35,8 @@ updates:
       - "/lib/binding_web"
     schedule:
       interval: "weekly"
+    cooldown:
+      default-days: 3
     commit-message:
       prefix: "build(deps)"
     labels: