From c319b2766d9734ab9a3245b41269a0674840b75b Mon Sep 17 00:00:00 2001
From: Avnish Pratap Singh <as74@sanger.ac.uk>
Date: Tue, 1 Oct 2024 09:31:08 +0100
Subject: [PATCH] Added dependabot.yml to auto-update GitHub actions

---
 .github/dependabot.yml | 10 ++++++++++
 CHANGES                |  1 +
 2 files changed, 11 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..619e9bd
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+# Referenced from:
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/CHANGES b/CHANGES
index 46442e7..209a7b5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,7 @@ CHANGES
  - replace grunt-jsonlint 2.1.3 with @prantlf/grunt-jsonlint 2.2.1
    the original project is not maintained anymore and the new one
    is a maintained fork picked up from snyk. Only used for devel.
+ - Added .github/dependabot.yml file to auto-update GitHub actions
 
 release 1.3.3
  - switch to github actions from travis ci