dependencies.yml file at the root of your repo tells us what you want
to happen. For each dependency file you have, you’ll add a collector. To each collector you then add actors to decide what you want to happen when
collectors: # name of an official collector - type: python-pip # which file or directory the collector should read path: requirements.txt actors: # name of an official actor - type: python-pip # regular expression for filtering dependencies by name dependencies: ".*" # versions that this actor should act on versions: "L.Y.Y" # settings for this specific actor settings: github_labels: - dependencies - type: js-npm # the js-npm collector is given directories (which could have package.json, yarn.lock, etc.) path: app actors: - type: js-npm dependencies: "react-.*" versions: "L.Y.Y" - type: repo-issue dependencies: "react-.*" versions: "Y.0.0"