Configuring Dependabot

Using Dependabot for automated package updates requires additional authentication to work with the oban registry. Update your .github/dependabot.yml file to include the private hex repository and enable insecure code execution so hex can add the registry:

version: 2

registries:
  oban-private-repo:
    type: hex-repository
    repo: oban
    url: https://getoban.pro/repo
    auth-key: ${{ secrets.oban_license_key }}
    public-key-fingerprint: "SHA256:4/OSKi0NRF91QVVXlGAhb/BIMLnK8NHcx/EWs+aIWPc"

updates:
  - package-ecosystem: "mix"
    directory: "/"
    insecure-external-code-execution: "allow"
    registries:
      - oban-private-repo
    schedule:
      interval: "daily"

Afterwards, store the oban_license_key in your GitHub organization's secret store.