Skip to content

Commit

Permalink
Add Dependabot configuration for GitHub Actions updates
Browse files Browse the repository at this point in the history
Add a Dependabot configuration that checks once a week if the GitHub Actions are still using the latest version. If not, it opens a PR to update them.

It will actually open very few PRs, since we only have major versions specified (like v3), so only on a major v4 release it will update and open a PR.

See https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
  • Loading branch information
EwoutH authored and shssoichiro committed Nov 8, 2022
1 parent 8deb5ca commit 4f7af46
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
# Check for updates to GitHub Actions every week
interval: "weekly"

0 comments on commit 4f7af46

Please sign in to comment.