From 82ee36f6367d697b7e0f59d92abd83d7b7545f5d Mon Sep 17 00:00:00 2001
From: Jaylen Wimbish <jaylenw@users.noreply.github.com>
Date: Thu, 7 Dec 2023 11:38:32 -0800
Subject: [PATCH] Create dependabot.yml

initialize dependabot.yml file for auto updating npm and github action dependencies
---
 .github/dependabot.yml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..484aea66
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,19 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "npm" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly" # documentation says this will be every monday # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#scheduleinterval
+    reviewers: # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#reviewers
+      - "CityOfLosAngeles/ita-devsecops-team"
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/"  # Workflow files stored in the default location of `.github/workflows`. (You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.)
+    schedule: # documentation says this will be every monday # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#scheduleinterval
+      interval: "weekly"
+    reviewers: # https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#reviewers
+      - "CityOfLosAngeles/ita-devsecops-team"