mirror of
https://github.com/actions/setup-node
synced 2024-11-09 15:12:40 +00:00
Keep GitHub Actions up to date with GitHub's Dependabot
From https://github.com/actions/starter-workflows/blob/main/.github/dependabot.yml Fixes the nine supply chain safety warnings at the bottom right of https://github.com/actions/setup-node/actions/runs/8558803200
This commit is contained in:
Christian Clauss
parent
c2ac33f2c6
commit
c88935e5ce
1 changed files with 16 additions and 0 deletions
16
.github/dependabot.yml
vendored
Normal file
16
.github/dependabot.yml
vendored
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
# To get started with Dependabot version updates, you'll need to specify which
|
||||
# package ecosystems to update and where the package manifests are located.
|
||||
# Please see the documentation for all configuration options:
|
||||
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
||||
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: 'npm'
|
||||
directory: '/'
|
||||
schedule:
|
||||
interval: 'weekly'
|
||||
|
||||
- package-ecosystem: 'github-actions'
|
||||
directory: '/'
|
||||
schedule:
|
||||
interval: 'weekly'
|
||||
Loading…
Reference in a new issue