bryophyta · November 25, 2025 13:15
diff --git a/dependabot-add-cooldowns.sh b/dependabot-add-cooldowns.sh
 #!/usr/bin/env bash

 # Script to add default cooldown config to each update in dependabot.yml if it doesn't exist, using yq
 # See: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/optimizing-pr-creation-version-updates#setting-up-a-cooldown-period-for-dependency-updates
 # See: https://mikefarah.gitbook.io/yq

 # Usage: run script from repository root, or specifying the path to your target YAML 
 # file as the first argument when invoking the script: `./dependabot-add-cooldowns.sh ./path/to/my/.github/dependabot.yml`



 set -e

 FILE="${1:-.github/dependabot.yml}"

 # Check if file exists
 if [ ! -f "$FILE" ]; then
  echo "Error: $FILE not found"
  exit 1
 fi

 # Check if yq is installed
 if ! command -v yq &> /dev/null; then
  echo "Error: yq is not installed. Install it with: brew install yq"
  exit 1
 fi

 echo "Adding cooldown configuration to $FILE..."

 # Loop through each update in the updates array and add cooldown if it doesn't exist
 # Skip updates where package-ecosystem is github-actions (cooldown not supported for gha)
 yq -i '
  with(.updates[] | select(.cooldown == null and .package-ecosystem != "github-actions");
    .cooldown = {
      "default-days": 5,
      "semver-major-days": 30,
      "semver-minor-days": 7,
      "semver-patch-days": 3
    }
  )
 ' "$FILE"

 echo "✓ Cooldown configuration added successfully!"
 echo ""
 echo "Updated $FILE with cooldown settings for $(yq '.updates | length' "$FILE") package ecosystem(s)"
	#!/usr/bin/env bash

	# Script to add default cooldown config to each update in dependabot.yml if it doesn't exist, using yq
	# See: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/optimizing-pr-creation-version-updates#setting-up-a-cooldown-period-for-dependency-updates
	# See: https://mikefarah.gitbook.io/yq

	# Usage: run script from repository root, or specifying the path to your target YAML
	# file as the first argument when invoking the script: `./dependabot-add-cooldowns.sh ./path/to/my/.github/dependabot.yml`



	set -e

	FILE="${1:-.github/dependabot.yml}"

	# Check if file exists
	if [ ! -f "$FILE" ]; then
	echo "Error: $FILE not found"
	exit 1
	fi

	# Check if yq is installed
	if ! command -v yq &> /dev/null; then
	echo "Error: yq is not installed. Install it with: brew install yq"
	exit 1
	fi

	echo "Adding cooldown configuration to $FILE..."

	# Loop through each update in the updates array and add cooldown if it doesn't exist
	# Skip updates where package-ecosystem is github-actions (cooldown not supported for gha)
	yq -i '
	with(.updates[] \| select(.cooldown == null and .package-ecosystem != "github-actions");
	.cooldown = {
	"default-days": 5,
	"semver-major-days": 30,
	"semver-minor-days": 7,
	"semver-patch-days": 3
	}
	)
	' "$FILE"

	echo "✓ Cooldown configuration added successfully!"
	echo ""
	echo "Updated $FILE with cooldown settings for $(yq '.updates \| length' "$FILE") package ecosystem(s)"
No results found