From 568a7cfb943db5d88e92c45ce83a755b3e65db37 Mon Sep 17 00:00:00 2001
From: per1234 <accounts@perglass.com>
Date: Sat, 1 Feb 2025 09:46:43 -0800
Subject: [PATCH] Configure Dependabot to check for outdated actions used in
 workflows

The addition of this configuration file will cause Dependabot to periodically check the versions of the GitHub Actions
actions dependencies of the repository's workflows. If any are found to be outdated, it will submit a pull request to
update them.
---
 .github/dependabot.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..6e0e9e0
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+# See: https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#about-the-dependabotyml-file
+version: 2
+
+updates:
+  # Configure check for outdated GitHub Actions actions in workflows.
+  # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/dependabot/README.md
+  # See: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot
+  - package-ecosystem: github-actions
+    directory: /.github/workflows/
+    assignees:
+      - per1234
+    labels:
+      - "topic: infrastructure"
+    open-pull-requests-limit: 100
+    schedule:
+      interval: daily