supply chain

Dependabot’s defaults can make it look like an agent of chaos. Here’s how cooldowns, dependency groups, and a Claude skill turn down the churn — fewer rebases, boring CI, and a few extra days for the world to flag the bad actors.