From 315605528eaf537060d63ea83d75ed3c22733199 Mon Sep 17 00:00:00 2001
From: Cooper Ry Lees <me@cooperlees.com>
Date: Sun, 26 Feb 2023 20:56:31 -0800
Subject: [PATCH] Add dependabot to update GitHub actions

Let's have automation tell us when there are new action versions.
- It can also do pip - but we can add that in a seperate PR if there is interest ...

Right now we will get PRs once a week if there are new versions.

Test:
- Load with pyyaml to ensure valid yaml
---
 .github/dependabot.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..3685b0a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"