Browse Source
Keep GitHub Actions up to date with GitHub's Dependabot (#1969)
Fixes software supply chain safety warnings like at the bottom right of https://github.com/espeak-ng/espeak-ng/actions/runs/10446953129 * [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) * [Configuration options for the dependabot.yml file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem)master
Alexander Epaneshnikov
5 months ago
1 changed files with 13 additions and 0 deletions
+ 13
- 0
.github/dependabot.yml
View File
| @@ -0,0 +1,13 @@ | |||
| # Keep GitHub Actions up to date with GitHub's Dependabot... | |||
| # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot | |||
| # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem | |||
| version: 2 | |||
| updates: | |||
| - package-ecosystem: github-actions | |||
| directory: / | |||
| groups: | |||
| github-actions: | |||
| patterns: | |||
| - "*" # Group all Actions updates into a single larger pull request | |||
| schedule: | |||
| interval: weekly | |||
Loading…