From 2524213f6ebeb949cbd6a6c10b0fa1a78f0b3e35 Mon Sep 17 00:00:00 2001
From: Yuki Fujisaki <kitakore@gmail.com>
Date: Tue, 9 Jun 2026 18:13:44 +0900
Subject: [PATCH] chore(dependabot): add 3-day cooldown for supply-chain safety

---
 .github/dependabot.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 118d72d..02e55ed 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -2,6 +2,8 @@ version: 2
 updates:
   # npm パッケージの更新設定
   - package-ecosystem: "npm"
+    cooldown:
+      default-days: 3
     directory: "/"
     schedule:
       interval: "weekly"
@@ -57,6 +59,8 @@ updates:
 
   # GitHub Actionsの更新設定
   - package-ecosystem: "github-actions"
+    cooldown:
+      default-days: 3
     directory: "/"
     schedule:
       interval: "weekly"
@@ -70,4 +74,4 @@ updates:
       prefix: "chore"
       include: "scope"
     # 追加: PRの制限数設定
-    open-pull-requests-limit: 5
\ No newline at end of file
+    open-pull-requests-limit: 5