Add Dependabot configuration for GitHub Actions updates · bf62578fec - Gogs

Pārlūkot izejas kodu

Add Dependabot configuration for GitHub Actions updates

Add a Dependabot configuration that checks once a week if the GitHub Actions are still using the latest version. If not, it opens a PR to update them.

It will actually open few PRs, since only major versions are specified (like v3), so only on a major release (like v4) it will update and open a PR. But it helps actively keep GitHub Actions workflows up to date and secure.

See https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

Ewout ter Hoeven 2 gadi atpakaļ

vecāks

1e99e35572

revīzija

bf62578fec

1 mainītis faili ar 7 papildinājumiem un 0 dzēšanām

Dalītais skats Rādīt salīdzināšanas statistiku

						
							+ 7
							
							- 0
						
.github/dependabot.yml
							 
								Parādīt failu
							
				@@ -0,0 +1,7 @@
			
				+version: 2
			
				+updates:
			
				+  # Maintain dependencies for GitHub Actions
			
				+  - package-ecosystem: "github-actions"
			
				+    directory: "/"
			
				+    schedule:
			
				+      interval: "weekly"