From d33f43a57888f7973a979f0a480f85955a61df17 Mon Sep 17 00:00:00 2001
From: Erik Dubbelboer <erik@dubbelboer.com>
Date: Thu, 18 Sep 2025 13:39:07 +0200
Subject: [PATCH] Delay dependabot updates by 5 days

Wait 5 days to get updates. We hope supply chain attacks are detected before these 5 days.
---
 .github/dependabot.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 82fa160..cc47af1 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,6 +8,8 @@ updates:
       github-actions:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5
   - package-ecosystem: "gomod"
     directory: "/"
     schedule:
@@ -16,3 +18,5 @@ updates:
       gomod:
         patterns:
           - "*"
+    cooldown:
+      default-days: 5