From 49060c3020991c05f530a30358e2d6f601f36b4a Mon Sep 17 00:00:00 2001
From: Francisco Arceo <arceofrancisco@gmail.com>
Date: Wed, 20 Aug 2025 16:05:12 -0600
Subject: [PATCH] chore: Update dependabot to capture package-lock.json (#3212)

# What does this PR do?
This should fix dependabot based on this thread:
https://stackoverflow.com/questions/60201543/dependabot-only-updates-lock-file


<!-- If resolving an issue, uncomment and update the line below -->
<!-- Closes #[issue-number] -->

## Test Plan
<!-- Describe the tests you ran to verify your changes with result
summaries. *Provide clear instructions so the plan can be easily
re-executed.* -->

Signed-off-by: Francisco Javier Arceo <farceo@redhat.com>
---
 .github/dependabot.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 134efd93b..01a2464a9 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -19,3 +19,15 @@ updates:
       - python
     commit-message:
       prefix: chore(python-deps)
+
+  - package-ecosystem: npm
+    directory: "/llama_stack/ui"
+    schedule:
+      interval: "weekly"
+      day: "saturday"
+    labels:
+      - type/dependencies
+      - javascript
+    commit-message:
+      prefix: chore(ui-deps)
+      versioning-strategy: increase