From 8af645a40a18a09132aeaa598e21db003f8f0eea Mon Sep 17 00:00:00 2001
From: Dimitri Papadopoulos
 <3234522+DimitriPapadopoulos@users.noreply.github.com>
Date: Wed, 2 Nov 2022 14:18:01 +0100
Subject: [PATCH] Keep GitHub Actions up to date with Dependabot

Reference major versions of versioned actions, as suggested in:
https://docs.github.com/en/actions/creating-actions/about-custom-actions#good-practices-for-release-management
---
 .github/dependabot.yml     | 10 ++++++++++
 .github/workflows/test.yml |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..fd83b11
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+# See: https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#about-the-dependabotyml-file
+version: 2
+
+updates:
+  # Configure check for outdated GitHub Actions actions in workflows.
+  # See: https://docs.github.com/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+  - package-ecosystem: github-actions
+    directory: / # Check the repository's workflows under /.github/workflows/
+    schedule:
+      interval: daily
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index a4f2f4c..38c8e69 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
-      uses: actions/checkout@master
+      uses: actions/checkout@v3
     - uses: ./
     - name: Check sort with disorder
       run: sort -c test/test.txt || true