Drop root go.mod dependencies from dependabot (#163)

In order to use a Go library, users must upgrade their dependencies to be at least as up-to-date as those listed in the library's `go.mod`. As @abhinav pointed out, using dependabot to then keep our dependencies up-to-date all the time will cause any users of this library to have to keep theirs up-to-date all the time as well, when this isn't strictly necessary due to Go's heavy backwards compatibility culture. Remove the section referring to the root's `go.mod` so that we can instead only upgrade dependencies when necessary to avoid too much churn with users of the library.
uber-go · Mar 4, 2024 · 986b50e · 986b50e
1 parent 7638c0a
commit 986b50e
Showing 1 changed file with 1 addition and 6 deletions.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -1,10 +1,5 @@
 version: 2
 updates:
-- package-ecosystem: "gomod"
-  directory: "/"
-  schedule:
-    interval: "daily"
-  open-pull-requests-limit: 5
 - package-ecosystem: "gomod"
   directory: "/tools"
   schedule:
@@ -23,4 +18,4 @@ updates:
 - package-ecosystem: "github-actions"
   directory: "/"
   schedule:
-    interval: "weekly"
+    interval: "weekly"