init

.github/dependabot.yml

@@ -0,0 +1,15 @@
+version: 2
+updates:
+  # you can add other package ecosystems here for granular control of security updates
+  # https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
+  # bundler, docker (FROM image), git submodules, go, npm, pip, terraform, all supported
+
+  ##########################################
+  # Maintain dependencies for GitHub Actions
+  ##########################################
+  # On the interval, dependabot will scan for any updates to GH Actions (steps)
+  # Then it open PRs to the default branch for each action that has an updated version
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"