Merge pull request #937 from PrivateBin/dependabot

Add/enable Dependabot to keep dependencies up-to-date
This commit is contained in:
El RIDO 2022-06-10 04:58:52 +02:00 committed by GitHub
commit b75bfc3e34
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

14
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,14 @@
version: 2
updates:
# Maintain dependencies for GitHub Actions
# src: https://github.com/marketplace/actions/build-and-push-docker-images#keep-up-to-date-with-github-dependabot
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
# Also keep PHP (Composer) dependencies up-to-date
# see: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
- package-ecosystem: "composer"
directory: "/"
schedule:
interval: "daily"