From: Christian Clauss <cclauss@me.com>
Date: Wed, 11 Dec 2024 12:57:11 +0000 (+0100)
Subject: Keep GitHub Actions up to date with GitHub's Dependabot
X-Git-Url: http://winboard.nl/cgi-bin?a=commitdiff_plain;h=8916249f3beef67961e748a4715596c53bb1a293;p=fairystockfish.git

Keep GitHub Actions up to date with GitHub's Dependabot

Fixes software supply chain safety warnings like at the bottom right of

https://github.com/fairy-stockfish/Fairy-Stockfish/actions/runs/12274061623
* [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot)
* [Configuration options for the dependabot.yml file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem)
---

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..be006de
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+# Keep GitHub Actions up to date with GitHub's Dependabot...
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    groups:
+      github-actions:
+        patterns:
+          - "*"  # Group all Actions updates into a single larger pull request
+    schedule:
+      interval: weekly