Enable dependabot

[rootulp]

Context

go-square/go.mod

Line 3 in 414d7f7

go 1.21.5

Problem

It looks like dependabot isn't enabled on this repo because it uses Go 1.21.5 but Go 1.21.6 has been released

Acceptance Criteria

Enable dependabot

[rootulp]

I'm blocked b/c I don't have permission to see the settings on this repo.

@MSevey can you please give me admin or maintainer permissions on this repo?

[cristaloleg]

Why do we need to bump Go version in go.mod ?

Also, dependabot doesn't support that iirc.

[rootulp]

I think you're right b/c celestia-app has dependabot enabled and we've had to manually bump Go versions. But I think it's still a good idea to enable dependabot on this repo to bump the Go deps even though there aren't many.

[cristaloleg]

No-no, I'm about another thing which is not dependabot related: what is the reason to bump Go version in go.mod at all?

[rootulp]

So that we can use features from new Go releases.

[cristaloleg]

Fair enough. The only thing why I started this dialogue is that I saw go.mod bumps only when they are reaaaally needed. Also, Go patch releases don't give any language changes.

[MSevey]

I'm blocked b/c I don't have permission to see the settings on this repo.

@MSevey can you please give me admin or maintainer permissions on this repo?

done

[rootulp]

Dependabot was already enabled. I confirmed the config file looks good.

Screenshot