I want to receive automatic dependency update GitHub notifications for a Rust binary package. I have a `Cargo.toml` like this:

```toml
[package]
...

[dependencies]
sophia = "0.8.0-alpha.1"
actix-web = "4"
multimap = "0.9"
tinytemplate = "1"
log = "0.4"
```
However, when I create `.github/dependabot.yml` like this, I receive tons of pull requests that do not change anything in `Cargo.toml`, only `Cargo.lock`:

```yaml
version: 2
updates:
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "daily"
```
However, I can't ignore minor versions like the following, because that would not give me updates for `0.x.y` dependencies when `x` increases:

```yaml
version: 2
updates:
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "daily"
    allow:
      - dependency-type: "direct"
    ignore:
      - update-types: ["version-update:semver-minor", "version-update:semver-patch"]
```
How can I get Dependabot to only open PRs when `Cargo.toml` is changed, not only `Cargo.lock`? There is a `versioning-strategy` of `lockfile-only`, but that is exactly the opposite of what I need.
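
The `0.x.y` problem described in the question, worked through as an added example (not part of the original post and not Dependabot's or Cargo's code): it checks whether a candidate version still satisfies Cargo's default caret requirement, and shows two updates with the same `semver-minor` label where only one needs a `Cargo.toml` change. Assumptions: update types are named after the first differing numeric position, the locked and candidate versions are constructed, and pre-release suffixes are dropped.

```rust
// Added example. Simplification: pre-release suffixes ("-alpha.1") are dropped.

/// Parse "4", "0.9" or "0.4.21" into the numeric components as written.
fn parse(v: &str) -> Vec<u64> {
    let core = v.split('-').next().unwrap_or("");
    core.split('.').map(|p| p.parse().expect("numeric component")).collect()
}

/// Parse and pad to major.minor.patch.
fn triple(v: &str) -> Vec<u64> {
    let mut t = parse(v);
    t.resize(3, 0);
    t
}

/// True when `candidate` satisfies Cargo's default (caret) requirement `req`,
/// so the update touches Cargo.lock only.
fn lockfile_only(req: &str, candidate: &str) -> bool {
    let written = parse(req);
    let (lower, cand) = (triple(req), triple(candidate));
    // Components up to the first non-zero written one must stay fixed;
    // for all-zero requirements ("0", "0.0") that is the last written one.
    let pivot = written.iter().position(|&n| n != 0).unwrap_or(written.len() - 1);
    cand >= lower && cand[..=pivot] == lower[..=pivot]
}

/// Assumption: update-types are named after the first differing position.
fn update_type(from: &str, to: &str) -> &'static str {
    let (a, b) = (triple(from), triple(to));
    if a[0] != b[0] { "semver-major" } else if a[1] != b[1] { "semver-minor" } else { "semver-patch" }
}

fn main() {
    // Constructed cases: (crate, requirement in Cargo.toml, locked, candidate).
    let cases = [
        ("actix-web", "4", "4.4.0", "4.5.1"),
        ("multimap", "0.9", "0.9.0", "0.9.1"),
        ("multimap", "0.9", "0.9.1", "0.10.0"),
        ("tinytemplate", "1", "1.2.1", "2.0.0"),
    ];
    for (name, req, locked, cand) in cases {
        let file = if lockfile_only(req, cand) { "Cargo.lock only" } else { "Cargo.toml" };
        println!("{name} {locked} -> {cand}: {} / {file}", update_type(locked, cand));
    }
}
```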