.github/dependabot.yml: Enable dependabot (#169)

## Description Enables dependabot in this repo. This GitHub action will automatically create pull requests and summarize the dependency details. Because it is a pull request, the CI system will validate the dependency update in the pull request. Configures dependabot for: 1. PIP module updates 2. Submodule updates 3. GitHub action updates - [ ] Breaking change? - Will this change break pre-existing builds or functionality without action being taken? **No** ## How This Was Tested Verified config in other repos. ## Integration Instructions N/A - Impacts this repo Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
microsoft · Nov 15, 2022 · 6e67d80 · 6e67d80
1 parent cbaeaba
commit 6e67d80
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,34 @@
+## @file
+# Dependabot configuration file to enable GitHub services for managing and updating
+# dependencies.
+#
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+##
+
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: "pip"
+
+  - package-ecosystem: "gitsubmodule"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: "submodule"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    commit-message:
+      prefix: "GitHub Action"