ci: Add dependabot configuration file

vvalderrv · Peter Mikus · commit cf567e7dfeb3 · 2025-11-13T19:55:59.000Z
Enabling weekly automated dependency updates for GHA. This keeps
workflow dependencies current and ensures security fixes are applied
promptly.

Change-Id: I1d3a3985690867359a7311446548dd502081f272
Signed-off-by: Vanessa Valderrama &lt;vvalderrama@linuxfoundation.org&gt;
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+---
+# SPDX-FileCopyrightText: 2025 The Linux Foundation
+# SPDX-License-Identifier: Apache-2.0
+
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
