From 4276066305fdc62edef68ca52edbfebab7d12573 Mon Sep 17 00:00:00 2001
From: James Estevez <j@jstvz.dev>
Date: Sat, 11 Apr 2026 21:17:38 -0700
Subject: [PATCH] chore: re-enable Dependabot version updates (uv +
 github-actions)

Switch package-ecosystem from pip to uv to match the project's package
manager and uv.lock. Set open-pull-requests-limit to 5 (was 0, effectively
disabled). Add github-actions ecosystem to track Action version updates.

Security updates were already running via auto-detected uv ecosystem;
this enables proactive version updates on the same ecosystem.
---
 .github/dependabot.yml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 1557856ce5..57d4f33201 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,8 +1,14 @@
 version: 2
 updates:
-    - package-ecosystem: pip
+    - package-ecosystem: uv
       directory: "/"
       schedule:
           interval: weekly
           day: tuesday
-      open-pull-requests-limit: 0
+      open-pull-requests-limit: 5
+    - package-ecosystem: github-actions
+      directory: "/"
+      schedule:
+          interval: weekly
+          day: tuesday
+      open-pull-requests-limit: 5