Skip to content

Commit

Permalink
Included githubactions in the dependabot config
Browse files Browse the repository at this point in the history 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
  • Loading branch information
@nathannaveen @Chen-jj
nathannaveen authored and Chen-jj committed Dec 27, 2022
1 parent 788d8ee commit 5b4c951
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,3 +60,9 @@ updates:
- 7.12.1
- 7.12.13
- 7.13.0
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
time: "21:00"
open-pull-requests-limit: 10

0 comments on commit 5b4c951

Please sign in to comment.