Skip to content

Commit

Permalink
Keep GitHub Actions up to date with GitHub's Dependabot
Browse files Browse the repository at this point in the history
Fixes software supply chain safety warnings by automating pull requests like
367cd96

* [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot)
* [Configuration options for the dependabot.yml file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem)
  • Loading branch information
cclauss authored and AWhetter committed Nov 25, 2024
1 parent 4e2d9ae commit b2ff263
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 0 deletions.
13 changes: 13 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# Keep GitHub Actions up to date with GitHub's Dependabot...
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
version: 2
updates:
- package-ecosystem: github-actions
directory: /
groups:
github-actions:
patterns:
- "*" # Group all Actions updates into a single larger pull request
schedule:
interval: monthly
1 change: 1 addition & 0 deletions docs/changes/484.misc.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Keep GitHub Actions up to date with GitHub's Dependabot

0 comments on commit b2ff263

Please sign in to comment.