0 0 0 Python

Configure Dependabot to only update Python dependencies in the lockfile. (#19743)

See:
- https://github.com/element-hq/synapse/pull/19742
- https://github.com/element-hq/synapse/pull/19686

(etc)

Documentation
https://docs.github.com/en/code-security/reference/supply-chain-security/dependabot-options-reference#versioning-strategy--

We were considering `lockfile-only` but it sounds like
`increase-if-necessary` would increase the upper bound for us, if we had
one. Let's try it.

---------

Signed-off-by: Olivier 'reivilibre <oliverw@matrix.org>

Olivier 'reivilibre committed 1mo ago

c376cdd2eeb448bdce39e058385f5f1bcc43701b

Parent: ed3cafd

Committed by GitHub <noreply@github.com> on 4/29/2026, 5:17:53 PM