From 88f36105a4ebcd16ebe0f8e53ea8b9a7b767e679 Mon Sep 17 00:00:00 2001
From: Jan-Hendrik Willms <tleilax+studip@gmail.com>
Date: Mon, 9 Oct 2023 10:10:51 +0000
Subject: [PATCH] add dependabot configuration, fixes #3242

Closes #3242

Merge request studip/studip!2201
---
 .gitlab/dependabot.yml | 18 ++++++++++++++++++
 composer.json          |  2 +-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 .gitlab/dependabot.yml

diff --git a/.gitlab/dependabot.yml b/.gitlab/dependabot.yml
new file mode 100644
index 00000000000..4850c72b914
--- /dev/null
+++ b/.gitlab/dependabot.yml
@@ -0,0 +1,18 @@
+version: 2
+updates:
+  - package-ecosystem: composer
+    directory: /
+    schedule:
+      interval: weekly
+    labels: []
+    versioning-strategy: lockfile-only
+    open-pull-requests-limit: -1
+    open-security-pull-requests-limit: -1
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: weekly
+    labels: []
+    versioning-strategy: lockfile-only
+    open-pull-requests-limit: -1
+    open-security-pull-requests-limit: -1
diff --git a/composer.json b/composer.json
index 8972ce231a5..7b1403d217f 100644
--- a/composer.json
+++ b/composer.json
@@ -28,7 +28,7 @@
         "mishal/iless": "^2.2",
         "ezyang/htmlpurifier": "^4.13",
         "davefx/phplot": "^6.2",
-        "jasig/phpcas": "^1.3",
+        "jasig/phpcas": "1.5",
         "phpxmlrpc/phpxmlrpc": "^4.4",
         "phpxmlrpc/extras": "^0.6.2",
         "algo26-matthias/idna-convert": "^3.0",
-- 
GitLab