Skip to content

Commit

Permalink
Included githubactions in the dependabot config
Browse files Browse the repository at this point in the history 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
  • Loading branch information
@neilnaveen
neilnaveen committed Apr 1, 2022
1 parent c2079f7 commit b458023
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions .github/dependabot.yml
View file
Expand Up @@ -10,3 +10,13 @@ updates:
labels:
- dependencies
versioning-strategy: widen
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
time: "04:00"
timezone: Europe/Berlin
open-pull-requests-limit: 20
labels:
- dependencies
versioning-strategy: widen

0 comments on commit b458023

Please sign in to comment.