Included githubactions in the dependabot config

neilnaveen · web-flow · commit b4580238518a · 2022-04-01T14:02:46.000-05:00
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -10,3 +10,13 @@ updates:
   labels:
   - dependencies
   versioning-strategy: widen
+ - package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "04:00"
+    timezone: Europe/Berlin
+  open-pull-requests-limit: 20
+  labels:
+  - dependencies
+  versioning-strategy: widen
