From ece49df0c203729896f236a7928989d0db052257 Mon Sep 17 00:00:00 2001
From: BitGo Internal Agent <agent@bitgo.com>
Date: Mon, 27 Apr 2026 16:24:11 +0000
Subject: [PATCH] chore: add 7-day Dependabot cooldown for all ecosystems

Company policy requires a 7-day cooldown before updating any
external dependency. Add cooldown.default-days: 7 to both the
npm and github-actions Dependabot entries.

Ticket: DX-778
---
 .github/dependabot.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index 73ad112d..f0742b16 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -6,6 +6,9 @@ updates:
     directory: /
     schedule:
       interval: weekly
+    # Wait 7 days after a version is released before updating
+    cooldown:
+      default-days: 7
     labels:
       - dependencies
       - github-actions
@@ -17,6 +20,9 @@ updates:
       interval: daily
       # UTC
       time: '08:00'
+    # Wait 7 days after a version is released before updating
+    cooldown:
+      default-days: 7
     labels:
       - dependencies
       - npm