require-dependabot-schedule-cronjob
Rule catalog ID: R083
Targeted pattern scopeโ
Dependabot schedule mappings that use interval: "cron", including schedules inherited from multi-ecosystem-groups.
What this rule reportsโ
This rule reports two cases:
interval: "cron"without a non-emptycronjob- non-cron intervals that still define
cronjob
Why this rule existsโ
cronjob is meaningful only when Dependabot is configured with interval: "cron". Requiring it in cron mode and forbidding it elsewhere keeps schedule intent explicit and avoids configuration that looks more precise than Dependabot will actually honor.
โ Incorrectโ
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "cron"
timezone: "UTC"
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
cronjob: "0 9 * * *"
โ Correctโ
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "cron"
cronjob: "0 9 * * *"
timezone: "UTC"
Additional examplesโ
This rule complements require-dependabot-schedule-time and require-dependabot-schedule-timezone by covering the schedule branch where cronjob replaces time.
ESLint flat config exampleโ
import githubActions from "eslint-plugin-github-actions-2";
export default [githubActions.configs.dependabot];
When not to use itโ
Disable this rule only if the repository bans cron-based schedules and enforces that policy with a different rule set.