From ae52d9651a048e895e3f03ae75c4587f643500d0 Mon Sep 17 00:00:00 2001
From: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
Date: Thu, 24 Mar 2022 19:01:12 +0000
Subject: [PATCH] Included dependabot for GitHub actions At the moment there isn't a dependabot config for githubactions. With this it includes for GitHub actions. The GitHub actions aren't getting updates. The codeql github action has release of 2.8.3 and the one that is running right now is at 1.x.x. The codeql plays a critical role in identifying vulnerabilities.
---
 .github/dependabot.yml | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 4872c5afd..b31110af1 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,3 +5,8 @@ updates:
 schedule:
 interval: daily
 open-pull-requests-limit: 10
+- package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: daily
+ open-pull-requests-limit: 10
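Review bot: The new `github-actions` entry at the end of the `updates:` list carries no comment saying why it exists or how its pull requests should be handled; the reason given in the description (the CodeQL action stuck on 1.x) lives only in the commit message. I would add a line above the entry such as `# Keep workflow actions (incl. CodeQL) current; review each bump before merging`. The workflow files are not part of this patch, so this is an assumption to confirm: if they reference actions by a mutable tag, pinning them to full commit SHAs would turn every Dependabot bump into an explicit, reviewable change rather than a silently moving reference. The `interval: daily` value mirrors the entry above it; `interval: weekly` is probably enough for actions and keeps the volume of update PRs manageable for reviewers.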