From 96659b959cc58a57028e85dd36834ef190384c11 Mon Sep 17 00:00:00 2001
From: "Pahan, Szabolcs" <188366465+phn-ms@users.noreply.github.com>
Date: Mon, 2 Mar 2026 08:58:09 +0100
Subject: [PATCH 1/3] Use consistent single quotes in dependabot.yml

Update dependabot.yml to use single quotes for dependency names, version patterns, and directory paths. Also, standardize YAML list formatting for version arrays. These stylistic changes improve consistency and readability without affecting functionality.
---
 .github/dependabot.yml | 38 +++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index f9b199a64..d8914dee2 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -25,8 +25,8 @@ updates:
         versions: [ '>=2.1' ]
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -46,8 +46,8 @@ updates:
     ignore:
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -67,8 +67,8 @@ updates:
     ignore:
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -88,8 +88,8 @@ updates:
     ignore:
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -109,8 +109,8 @@ updates:
     ignore:
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -130,8 +130,8 @@ updates:
     ignore:
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -151,8 +151,8 @@ updates:
     ignore:
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
-      - dependency-name: "Microsoft.Extensions.*"
-        versions: ["10.*"]
+      - dependency-name: 'Microsoft.Extensions.*'
+        versions: ['10.*']
     groups:
       infragistics:
         patterns:
@@ -167,14 +167,14 @@ updates:
 
   - package-ecosystem: 'nuget'
     directories:
-      - "/src/**/dotnet/**"
+      - '/src/**/dotnet/**'
     schedule:
       interval: 'monthly'
     ignore:
-      - dependency-name: "System.*"
-        versions: ["10.*"]
-      - dependency-name: "Microsoft.Bcl.AsyncInterfaces.*"
-        versions: ["10.*"]
+      - dependency-name: 'System.*'
+        versions: ['10.*']
+      - dependency-name: 'Microsoft.Bcl.AsyncInterfaces.*'
+        versions: ['10.*']
 
   - package-ecosystem: 'npm'
     directory: '/'

From 74af9ea0fb716259ac9a9fbb5d3f3f79d0a3cec2 Mon Sep 17 00:00:00 2001
From: "Pahan, Szabolcs" <188366465+phn-ms@users.noreply.github.com>
Date: Mon, 2 Mar 2026 09:56:39 +0100
Subject: [PATCH 2/3] Refactor Dependabot NuGet config with globs and cleanup

Refactored the Dependabot configuration for NuGet to use the directories key with glob patterns, reducing duplication and simplifying management. Updated comments to note glob support. Consolidated and expanded the ignore list, including new patterns like System.* and Finos.Fdc3*. Removed the groups section for NuGet dependencies to further streamline the config. npm configuration is unchanged.
---
 .github/dependabot.yml | 147 +++--------------------------------------
 1 file changed, 8 insertions(+), 139 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index d8914dee2..9b000b653 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -14,141 +14,21 @@ registries:
     token: ${{ secrets.DEPENDABOT_GITHUB_PACKAGES }}
 
 updates:
-  # Dependabot doesn't support glob syntax. Every solution needs an entry
+  # Dependabot does support glob syntax.
 
   - package-ecosystem: 'nuget'
-    directory: '/src/fdc3/dotnet/DesktopAgent/src/DesktopAgent'
-    schedule:
-      interval: 'monthly'
-    ignore:
-      - dependency-name: 'Finos.Fdc3*'
-        versions: [ '>=2.1' ]
-      - dependency-name: 'FluentAssertions*'
-        versions: [ '>=8.0' ]
-      - dependency-name: 'Microsoft.Extensions.*'
-        versions: ['10.*']
-    groups:
-      infragistics:
-        patterns:
-          - 'Infragistics*'
-      grpc:
-        patterns:
-          - 'Grpc*'
-          - 'Google.Protobuf*'
-      codeanalysis:
-        patterns:
-          - 'Microsoft.CodeAnalysis*'
-
-  - package-ecosystem: 'nuget'
-    directory: '/src/messaging/dotnet/src/Client'
-    schedule:
-      interval: 'monthly'
-    ignore:
-      - dependency-name: 'FluentAssertions*'
-        versions: [ '>=8.0' ]
-      - dependency-name: 'Microsoft.Extensions.*'
-        versions: ['10.*']
-    groups:
-      infragistics:
-        patterns:
-          - 'Infragistics*'
-      grpc:
-        patterns:
-          - 'Grpc*'
-          - 'Google.Protobuf*'
-      codeanalysis:
-        patterns:
-          - 'Microsoft.CodeAnalysis*'
-
-  - package-ecosystem: 'nuget'
-    directory: '/src/messaging/dotnet/src/Core'
-    schedule:
-      interval: 'monthly'
-    ignore:
-      - dependency-name: 'FluentAssertions*'
-        versions: [ '>=8.0' ]
-      - dependency-name: 'Microsoft.Extensions.*'
-        versions: ['10.*']
-    groups:
-      infragistics:
-        patterns:
-          - 'Infragistics*'
-      grpc:
-        patterns:
-          - 'Grpc*'
-          - 'Google.Protobuf*'
-      codeanalysis:
-        patterns:
-          - 'Microsoft.CodeAnalysis*'
-
-  - package-ecosystem: 'nuget'
-    directory: '/src/messaging/dotnet/src/Host'
-    schedule:
-      interval: 'monthly'
-    ignore:
-      - dependency-name: 'FluentAssertions*'
-        versions: [ '>=8.0' ]
-      - dependency-name: 'Microsoft.Extensions.*'
-        versions: ['10.*']
-    groups:
-      infragistics:
-        patterns:
-          - 'Infragistics*'
-      grpc:
-        patterns:
-          - 'Grpc*'
-          - 'Google.Protobuf*'
-      codeanalysis:
-        patterns:
-          - 'Microsoft.CodeAnalysis*'
-
-  - package-ecosystem: 'nuget'
-    directory: '/src/messaging/dotnet/src/Server'
+    directories:
+      - '/src/**/dotnet/**'
+      - '/prototypes/multi-module-prototype/examples/multi-module-example/ModulesPrototype'
     schedule:
       interval: 'monthly'
     ignore:
-      - dependency-name: 'FluentAssertions*'
-        versions: [ '>=8.0' ]
-      - dependency-name: 'Microsoft.Extensions.*'
+      - dependency-name: 'System.*'
         versions: ['10.*']
-    groups:
-      infragistics:
-        patterns:
-          - 'Infragistics*'
-      grpc:
-        patterns:
-          - 'Grpc*'
-          - 'Google.Protobuf*'
-      codeanalysis:
-        patterns:
-          - 'Microsoft.CodeAnalysis*'
-
-  - package-ecosystem: 'nuget'
-    directory: '/src/shell/dotnet/Shell'
-    schedule:
-      interval: 'monthly'
-    ignore:
-      - dependency-name: 'FluentAssertions*'
-        versions: [ '>=8.0' ]
-      - dependency-name: 'Microsoft.Extensions.*'
+      - dependency-name: 'Microsoft.Bcl.AsyncInterfaces.*'
         versions: ['10.*']
-    groups:
-      infragistics:
-        patterns:
-          - 'Infragistics*'
-      grpc:
-        patterns:
-          - 'Grpc*'
-          - 'Google.Protobuf*'
-      codeanalysis:
-        patterns:
-          - 'Microsoft.CodeAnalysis*'
-
-  - package-ecosystem: 'nuget'
-    directory: '/prototypes/multi-module-prototype/examples/multi-module-example/ModulesPrototype'
-    schedule:
-      interval: 'monthly'
-    ignore:
+      - dependency-name: 'Finos.Fdc3*'
+        versions: [ '>=2.1' ]
       - dependency-name: 'FluentAssertions*'
         versions: [ '>=8.0' ]
       - dependency-name: 'Microsoft.Extensions.*'
@@ -165,17 +45,6 @@ updates:
         patterns:
           - 'Microsoft.CodeAnalysis*'
 
-  - package-ecosystem: 'nuget'
-    directories:
-      - '/src/**/dotnet/**'
-    schedule:
-      interval: 'monthly'
-    ignore:
-      - dependency-name: 'System.*'
-        versions: ['10.*']
-      - dependency-name: 'Microsoft.Bcl.AsyncInterfaces.*'
-        versions: ['10.*']
-
   - package-ecosystem: 'npm'
     directory: '/'
     schedule:

From acad0e4cafe50380fb0101b515dac3958248d226 Mon Sep 17 00:00:00 2001
From: "Pahan, Szabolcs" <188366465+phn-ms@users.noreply.github.com>
Date: Mon, 2 Mar 2026 12:08:32 +0100
Subject: [PATCH 3/3] Remove ModulesPrototype from Dependabot NuGet updates

The directory /prototypes/multi-module-prototype/examples/multi-module-example/ModulesPrototype was excluded from Dependabot's NuGet monitoring. All other Dependabot configuration settings remain unchanged.
---
 .github/dependabot.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 9b000b653..9cafdd379 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -19,7 +19,6 @@ updates:
   - package-ecosystem: 'nuget'
     directories:
       - '/src/**/dotnet/**'
-      - '/prototypes/multi-module-prototype/examples/multi-module-example/ModulesPrototype'
     schedule:
       interval: 'monthly'
     ignore: