Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use dependabot to periodically check for updated actions. (#489)
This is essentially the exact file that GitHub proposes here: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#example-dependabotyml-file-for-github-actions Adding this file to the repository would simplify the update process of actions used in the CI. You might need to additionally enable dependabot for this repository to actually make this work. You should be able to find that setting on the "Insights" tab in the "Dependency graph" section. If it works, the bot will automatically create PRs for CI actions that are out of date. You can still decide to not merge those PRs. So everything will still be in your hands. Potential caveat: This file might need to exist on the default branch of this repository (i.e., `main`) to actually have an effect. Signed-off-by: Markus Mützel <[email protected]>
- Loading branch information
