Setting up Dependabot

How to configure Dependabot with the private NPM registry.

In the next steps you'll learn how to configure Dependabot to use the private NPM registry.

Configuration#

Dependabot uses NPM to analyze your project and check for updates.

Create an .npmrc file in the root of your project and add the following lines.

registry=https://registry.npmjs.org/
@saas-ui-pro:registry=https://npm.saas-ui.dev/

Dependabot configuration#

Create a new file in .github/dependabot.yml and add the following lines.

# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2

registries:
  saas-ui-pro:
    type: npm-registry
    url: https://npm.saas-ui.dev/
    username: ${{secrets.SAAS_UI_USER}}
    password: ${{secrets.SAAS_UI_LICENSE_KEY}}
    replaces-base: false

updates:
  - package-ecosystem: 'npm'
    directory: '/'
    registries: '*'
    schedule:
      interval: 'weekly'
      time: '04:00'
    open-pull-requests-limit: 99
    target-branch: 'main'
    labels:
      - 'dependencies'
      - 'javascript'

This is an example configuration, the important part is the registries section.

You can find more information about the configuration options in the official documentation.

Secrets#

You need to add the following secrets to your repository.

• SAAS_UI_USER - Your Saas UI (Github) username.
• SAAS_UI_LICENSE_KEY - Your Saas UI license key.

More information about the secrets can be found in the official documentation.