Summary of the new feature / enhancement
This repository already uses Dependabot but not for GitHub Actions used in workflows. I suggest enabling it to keep Actions updated.
I see some old (major) versions used in various workflows, with CodeQL v1 being probably the most important one because it will be deprecated in December.
https://github.blog/changelog/2022-04-27-code-scanning-deprecation-of-codeql-action-v1/
Proposed technical implementation details (optional)
Adding it is pretty simple, just append dependabot.yml:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
Summary of the new feature / enhancement
This repository already uses Dependabot but not for GitHub Actions used in workflows. I suggest enabling it to keep Actions updated.
I see some old (major) versions used in various workflows, with CodeQL v1 being probably the most important one because it will be deprecated in December.
https://github.blog/changelog/2022-04-27-code-scanning-deprecation-of-codeql-action-v1/
Proposed technical implementation details (optional)
Adding it is pretty simple, just append
dependabot.yml: