From 818f3bf52ac914a7d1c10ec3948872f4c65b9626 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 5 Aug 2025 05:39:49 +0000
Subject: [PATCH 1/2] Initial plan


From 2798ef012b52f6c826af36ee8c1aab76b87fe1a7 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 5 Aug 2025 05:51:35 +0000
Subject: [PATCH 2/2] Configure Dependabot for critical dependencies with
 monthly schedule

Co-authored-by: rvagg <495647+rvagg@users.noreply.github.com>
---
 .github/dependabot.yml | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 26f7a51e5..78a356aad 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -3,7 +3,32 @@ updates:
   - package-ecosystem: "cargo"
     directory: "/"
     schedule:
-      interval: "weekly"
+      interval: "monthly"
     allow:
+      # Critical wasmtime dependencies - require careful review for security and performance
       - dependency-name: "wasmtime"
-      - dependency-name: "wasmtime-environ"
\ No newline at end of file
+      - dependency-name: "wasmtime-environ"
+
+      # Core serialization and encoding dependencies
+      - dependency-name: "serde"
+      - dependency-name: "cid"
+      - dependency-name: "ipld-core"
+      - dependency-name: "multihash-codetable"
+      - dependency-name: "multihash-derive"
+
+      # Cryptographic dependencies - important for security updates
+      - dependency-name: "blake2b_simd"
+      - dependency-name: "k256"
+      - dependency-name: "bls-signatures"
+
+      # Protocol and utilities
+      - dependency-name: "unsigned-varint"
+
+      # Filecoin-specific dependencies
+      - dependency-name: "filecoin-proofs-api"
+      - dependency-name: "fvm-wasm-instrument"
+
+      # IPLD encoding dependencies
+      - dependency-name: "serde_ipld_dagcbor"
+      - dependency-name: "serde_repr"
+      - dependency-name: "serde_tuple"