deps: ignore dependabot for peer dependencies (#904)

- several of the dependencies in the tree are only there because they are peerDeps, and not because we directly depend on them - they should only be upgraded in tandem with the dep(s) they are peers of and pretty much never in isolation - Greenkeeper made several PRs for peers which previously caused an erroneous/buggy update of `@types/jest` to 25 many months before Jest was upgraded to 25 - and honestly those Greenkeeper PRs for peers had confused me a good deal too
jaredpalmer · Oct 14, 2020 · 569c3ed · 569c3ed · vercel · Oct 14, 2020
1 parent 30d69d9
commit 569c3ed
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -14,6 +14,20 @@ updates:
       # only upgrade prod deps (not devDeps)
       - dependency-name: '*'
         dependency-type: production
+    ignore:
+      # ignore eslint-config-react-app's peerDeps
+      - dependency-name: '@typescript-eslint/eslint-plugin'
+      - dependency-name: '@typescript-eslint/parser'
+      - dependency-name: 'babel-eslint'
+      - dependency-name: 'eslint-plugin-flowtype'
+      - dependency-name: 'eslint-plugin-import'
+      - dependency-name: 'eslint-plugin-jsx-a11y'
+      - dependency-name: 'eslint-plugin-react'
+      - dependency-name: 'eslint-plugin-react-hooks'
+      # ignore Jest's "peers" that should be upgraded simultaneously with Jest
+      - dependency-name: '@types/jest'
+      - dependency-name: 'jest-watch-typeahead'
+      - dependency-name: 'ts-jest'
     # temporarily disable dep upgrade PRs for / as they're being updated
     open-pull-requests-limit: 0