From 5b4c951d87d147c8fdf4d2677be19eb03de953df Mon Sep 17 00:00:00 2001 From: nathannaveen <42319948+nathannaveen@users.noreply.github.com> Date: Fri, 1 Apr 2022 15:27:29 -0400 Subject: [PATCH] Included githubactions in the dependabot config This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool --- .github/dependabot.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 7ae99e2632c6..030d0061af57 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -60,3 +60,9 @@ updates: - 7.12.1 - 7.12.13 - 7.13.0 +- package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: daily + time: "21:00" + open-pull-requests-limit: 10