From c7c0ee9fe3a74819a49f9719997ecbcbdd667bb8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 7 Jan 2023 20:45:57 +0000
Subject: [PATCH 1/2] Bump actions/upload-artifact from 2 to 3

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 2d91593..baa8c3b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -240,7 +240,7 @@ jobs:
       - name: Build artifacts
         run: python -m build
       - name: Upload artifacts
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: dist-${{ matrix.python-version }}
           path: dist

From 4709716d332f060e68aa7248ecb955914d9acfff Mon Sep 17 00:00:00 2001
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com>
Date: Sat, 7 Jan 2023 16:17:06 -0500
Subject: [PATCH 2/2] Add ignore directives to the dependabot configuration

Add ignore directives and an attribution comment to the dependabot
configurtation. These will be uncommented in descendants of this
project (cisagov/skeleton-python-library) so that version changes to
these Actions are controlled through this project.
---
 .github/dependabot.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 5fe9a06..5bb8e67 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -19,6 +19,9 @@ updates:
       - dependency-name: actions/setup-python
       - dependency-name: hashicorp/setup-terraform
       - dependency-name: mxschmitt/action-tmate
+      # # Managed by cisagov/skeleton-python-library
+      # - dependency-name: actions/download-artifact
+      # - dependency-name: actions/upload-artifact
 
   - package-ecosystem: "pip"
     directory: "/"