From 09f8ee0f3fcc8a51effe19039637d646ecd7dc9e Mon Sep 17 00:00:00 2001 From: Naveen <172697+naveensrinivasan@users.noreply.github.com> Date: Tue, 3 May 2022 09:21:45 -0500 Subject: [PATCH] ci: Included githubactions in the dependabot config This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure: https://docs.github.com/en/code-security/dependabot GitHub actions up to dat: e https://docs.github.com/en/code-security/dependabot/ \ working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot dependency-update-tool: https://github.com/ossf/scorecard/blob/main/docs/checks.md Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com> --- .github/dependabot.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index fe7f7e9af..88f4f5dca 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -47,3 +47,13 @@ updates: - ci/skip/e2e commit-message: prefix: "rebase" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: weekly + rebase-strategy: disabled + labels: + - rebase + - ci/skip/e2e + commit-message: + prefix: rebase