Add upgraded config files and process documentation

Update legacy documentation

Fix extra space on YAML

Fix other space pre-commit didn't get

.github/dependabot.yml

@@ -1,35 +1,20 @@
 version: 2
 updates:
-  - package-ecosystem: pip
-    directory: "/docs"
+  - package-ecosystem: github-actions
+    directory: "/"
     schedule:
       interval: daily
-      time: "04:00"
-      timezone: "Europe/Berlin"
-    labels:
-      - "cookiecutter"
-      - "dependencies"
-      - "python"
-    open-pull-requests-limit: 99
+      time: "09:00"
+    open-pull-requests-limit: 10
   - package-ecosystem: pip
     directory: "/.github/workflows"
     schedule:
       interval: daily
-      time: "04:00"
-      timezone: "Europe/Berlin"
-    labels:
-      - "cookiecutter"
-      - "dependencies"
-      - "python"
-    open-pull-requests-limit: 99
-  - package-ecosystem: github-actions
-    directory: "/"
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/docs"
     schedule:
       interval: daily
-      time: "04:00"
-      timezone: "Europe/Berlin"
-    labels:
-      - "cookiecutter"
-      - "dependencies"
-      - "github_actions"
-    open-pull-requests-limit: 99
+      time: "09:00"
+    open-pull-requests-limit: 10

README.rst

@@ -227,7 +227,7 @@ Dependabot
 
 1. Sign up at Dependabot_.
 2. Install their GitHub app.
-
+3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`.
 
 Read the Docs
 ~~~~~~~~~~~~~

docs/guide.rst

@@ -405,7 +405,7 @@ and links each file to a section with more details.
    ===================================== ========================================
    ``.cookiecutter.json``                :ref:`Project variables <Creating a project>`
    ``.darglint``                         Configuration for :ref:`darglint <darglint integration>`
-   ``.dependabot/config.yml``            Configuration for :ref:`Dependabot <Dependabot integration>`
+   ``.github/dependabot.yml``            Configuration for :ref:`Dependabot <Dependabot integration>`
    ``.flake8``                           Configuration for :ref:`Flake8 <The Flake8 hook>`
    ``.gitattributes``                    `Git attributes <.gitattributes_>`__
    ``.gitignore``                        `Git ignore file <.gitignore_>`__
@@ -1925,11 +1925,12 @@ Follow these steps to set up Dependabot for your repository:
 
 1. Sign up at Dependabot_.
 2. Install their GitHub app.
+3. Enable `Security Updates` from the `Security` tab on the repository under `Dependabot alerts` > `Dependabot Security Updates`.
 
 The configuration is included in the repository,
-in the file `.dependabot/config.yml`__.
+in the file `.github/dependabot.yml`__.
 
-__ https://dependabot.com/docs/config-file/
+__ https://help.github.com/en/github/administering-a-repository/customizing-dependency-updates
 
 Dependabot integrates with your repository via its GitHub app.
 

{{cookiecutter.project_name}}/.github/dependabot.yml

@@ -0,0 +1,26 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/.github/workflows"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/docs"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "09:00"
+    open-pull-requests-limit: 10