diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..619e9bd
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+# Referenced from:
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3d59c27..6e797b0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Added
 
+* Added .github/dependabot.yml file to auto-update GitHub actions
 * Implemented the `create_token` action. Provided the caller has an admin token,
   this action generates and returns a new pipeline-specific token.