From 982811cacbdf41edcc733fe6c2df8a6821043bf9 Mon Sep 17 00:00:00 2001
From: hyperpolymath <6759885+hyperpolymath@users.noreply.github.com>
Date: Sat, 30 May 2026 19:51:16 +0100
Subject: [PATCH] =?UTF-8?q?chore(deps):=20apply=20estate=20dependabot=20po?=
 =?UTF-8?q?licy=20=E2=80=94=20ignore=20semver-major=20(standards#301)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Adds the canonical ignore "*" semver-major block to 5 ecosystems (cargo, mix, npm, pip, nix). github-actions left as-is.

Conformance with standards#301 / docs/DEPENDABOT-POLICY.adoc.
Supersedes #22 (toml 0.8.23→1.1.2 — 0.x→1.x crossing, major).
---
 .github/dependabot.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index d5cd4e9..c9bebb4 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -30,19 +30,43 @@ updates:
       interval: "weekly"
 
   # Node.js/npm
+    ignore:
+      # Estate policy standards#301 / docs/DEPENDABOT-POLICY.adoc:
+      # ignore semver-major bumps so they land via author-supplied PRs
+      # paired with call-site updates. Minor + patch flow normally.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
       interval: "weekly"
 
   # Python/pip
+    ignore:
+      # Estate policy standards#301 / docs/DEPENDABOT-POLICY.adoc:
+      # ignore semver-major bumps so they land via author-supplied PRs
+      # paired with call-site updates. Minor + patch flow normally.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]
   - package-ecosystem: "pip"
     directory: "/"
     schedule:
       interval: "weekly"
 
   # Nix flakes
+    ignore:
+      # Estate policy standards#301 / docs/DEPENDABOT-POLICY.adoc:
+      # ignore semver-major bumps so they land via author-supplied PRs
+      # paired with call-site updates. Minor + patch flow normally.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]
   - package-ecosystem: "nix"
     directory: "/"
     schedule:
       interval: "weekly"
+    ignore:
+      # Estate policy standards#301 / docs/DEPENDABOT-POLICY.adoc:
+      # ignore semver-major bumps so they land via author-supplied PRs
+      # paired with call-site updates. Minor + patch flow normally.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]