ci: keep GitHub Actions up to date with GitHub's Dependabot (#42042)
* Keep GitHub Actions up to date with GitHub's Dependabot Fixes software supply chain safety warnings like at the bottom right of https://github.com/electron/electron/actions/runs/8619491231 * [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) * [Configuration options for the dependabot.yml file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem) * Apply suggestion from code review * chore: fully remove groups --------- Co-authored-by: David Sanders <dsanders11@ucsbalum.com>
This commit is contained in:
parent
c3c4173377
commit
8cfc4b9d50
1 changed files with 9 additions and 0 deletions
9
.github/dependabot.yml
vendored
Normal file
9
.github/dependabot.yml
vendored
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
# Keep GitHub Actions up to date with GitHub's Dependabot...
|
||||||
|
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
|
||||||
|
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
|
||||||
|
version: 2
|
||||||
|
updates:
|
||||||
|
- package-ecosystem: github-actions
|
||||||
|
directory: /
|
||||||
|
schedule:
|
||||||
|
interval: weekly
|
Loading…
Reference in a new issue