This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a commit to branch 2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/2.x by this push:
new 5cd888793a Fix Dependabot configuration (#3997)
5cd888793a is described below
commit 5cd888793aa53f64a60c69d1db20f7f9d4eaff07
Author: Piotr P. Karwasz <[email protected]>
AuthorDate: Thu Dec 11 23:16:01 2025 +0100
Fix Dependabot configuration (#3997)
This change restores a valid Dependabot configuration that was broken in
#3990 (see the failing GHA run:
[57824321555](https://github.com/apache/logging-log4j2/runs/57824321555)).
Because GitHub does not validate Dependabot configuration files before
merge, the fix is based **entirely** on the documented format and examples in
the [Dependabot options
reference](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#exclude-paths-).
**Note:** Dependabot appears to interpret the `exclude-paths` key
differently from `directories`; unlike `directories`, `exclude-paths` does
**not** require a leading slash.
---
.github/dependabot.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index 739cbc2728..3dfa7865b7 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -48,8 +48,8 @@ updates:
exclude-paths:
# These use versions of MongoDB and SLF4J different
# from the remaining artifacts
- - "/log4j-mongodb4"
- - "/log4j-slf4j-impl"
+ - "log4j-mongodb4/**"
+ - "log4j-slf4j-impl/**"
schedule:
interval: "monthly"
groups:
