From 1003e68d1c4521290d5233fe8245d1246931d5be Mon Sep 17 00:00:00 2001
From: Saad Najmi <sanajmi@microsoft.com>
Date: Tue, 7 Apr 2026 10:35:23 -0700
Subject: [PATCH 1/2] chore: scope Dependabot to only packages we control
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The previous config monitored all npm dependencies in the monorepo root,
which includes ~20 forked @react-native/* packages whose dependencies
should stay in sync via upstream merges — not Dependabot.

Now Dependabot only monitors:
- /docsite (own lockfile, docusaurus deps)
- /packages/react-native (react-native-macos)
- /packages/react-native-macos-init
- /packages/nx-release-version
- /packages/virtualized-lists

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/dependabot.yml | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index eabbbd68ad53..be237049b218 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,10 +1,7 @@
-# Basic `dependabot.yml` file with
-# minimum configuration for three package managers
-
 version: 2
 updates:
   - package-ecosystem: "npm"
-    directory: "/"
+    directory: "/docsite"
     schedule:
       interval: "weekly"
     groups:
@@ -12,6 +9,17 @@ updates:
         patterns:
           - "@docusaurus/*"
 
+  # Only monitor packages we control — forked @react-native/* packages
+  # should stay in sync via upstream merges.
+  - package-ecosystem: "npm"
+    directories:
+      - "/packages/react-native"
+      - "/packages/react-native-macos-init"
+      - "/packages/nx-release-version"
+      - "/packages/virtualized-lists"
+    schedule:
+      interval: "weekly"
+
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

From 7f9c4ff348e90692d743f07cdb3296278337600d Mon Sep 17 00:00:00 2001
From: Saad Najmi <sanajmi@microsoft.com>
Date: Tue, 7 Apr 2026 10:40:32 -0700
Subject: [PATCH 2/2] chore: group all Dependabot updates into single PRs

Use wildcard group patterns so each ecosystem entry produces at most
one PR per week instead of one per dependency.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/dependabot.yml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index be237049b218..977afda64c3c 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,9 +5,9 @@ updates:
     schedule:
       interval: "weekly"
     groups:
-      docusaurus:
+      all:
         patterns:
-          - "@docusaurus/*"
+          - "*"
 
   # Only monitor packages we control — forked @react-native/* packages
   # should stay in sync via upstream merges.
@@ -19,8 +19,16 @@ updates:
       - "/packages/virtualized-lists"
     schedule:
       interval: "weekly"
+    groups:
+      all:
+        patterns:
+          - "*"
 
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
+    groups:
+      all:
+        patterns:
+          - "*"