From f961eb0fe51109238128055897ccba1b70dbd804 Mon Sep 17 00:00:00 2001
From: Deepankar Dixit <90280028+ddixit14@users.noreply.github.com>
Date: Fri, 16 Jun 2023 02:08:23 +0000
Subject: [PATCH] chore: Update `dependabot.yml` template (#1813)

* chore: Update `dependabot.yml` template not to touch pip dependencies
---
 .../gcp/templates/java_library/.github/dependabot.yml      | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/synthtool/gcp/templates/java_library/.github/dependabot.yml b/synthtool/gcp/templates/java_library/.github/dependabot.yml
index c8f413b0d..fde1ced49 100644
--- a/synthtool/gcp/templates/java_library/.github/dependabot.yml
+++ b/synthtool/gcp/templates/java_library/.github/dependabot.yml
@@ -5,10 +5,13 @@ updates:
     schedule:
       interval: "daily"
     # Disable version updates for Maven dependencies
-    open-pull-requests-limit: 0
+    # we use renovate-bot as well as shared-dependencies BOM to update maven dependencies.
+    ignore: "*"
   - package-ecosystem: "pip"
     directory: "/"
     schedule:
       interval: "daily"
     # Disable version updates for pip dependencies
-    open-pull-requests-limit: 0
\ No newline at end of file
+    # If a security vulnerability comes in, we will be notified about 
+    # it via template in the synthtool repository.
+    ignore: "*"