Configures dependabot for monthly checks for action version updates

paperless-ngx · Feb 6, 2024 · 982e02e · 982e02e
1 parent 8e54200
commit 982e02e
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,21 @@
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#package-ecosystem
+
+version: 2
+updates:
+
+  # Enable updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    target-branch: "master"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every month
+      interval: "monthly"
+    # Add reviewers
+    reviewers:
+      - "paperless-ngx/ci-cd"
+    groups:
+      actions:
+        update-types:
+          - "major"
+          - "minor"
+          - "patch"