Skip to content

Configure Dependabot version updates for GitHub Actions #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ivan-magda merged 2 commits into from
Dec 28, 2025
Merged

Configure Dependabot version updates for GitHub Actions #2

ivan-magda merged 2 commits into from
Dec 28, 2025

Conversation

Copy link
Contributor

Copilot AI commented Dec 28, 2025
edited
Loading

Dependabot version updates were not configured for this repository. The workflow at .github/workflows/validate-plugins.yml uses GitHub Actions that should be kept up-to-date automatically.

Changes

  • Added .github/dependabot.yml with github-actions ecosystem configuration
  • Weekly update schedule for actions including actions/checkout@v4 and dcarbone/install-jq-action@v2
version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
Original prompt

Dependabot version updates aren't configured yet
Dependabot creates pull requests to keep your dependencies up-to-date.

Configure Dependabot version updates for this repository.
see this file https://github.com/ivan-magda/claude-code-plugin-template/blob/main/.github/workflows/validate-plugins.yml

https://docs.github.com/en/code-security/dependabot/dependabot-version-updates

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@ivan-magda
Add Dependabot configuration for GitHub Actions
99276c6 
Co-authored-by: ivan-magda <8586063+ivan-magda@users.noreply.github.com>
Copilot AI changed the title [WIP] Configure Dependabot version updates for dependencies Configure Dependabot version updates for GitHub Actions Dec 28, 2025
Copilot AI requested a review from ivan-magda December 28, 2025 12:02
@ivan-magda ivan-magda marked this pull request as ready for review December 28, 2025 12:04
Copilot AI review requested due to automatic review settings December 28, 2025 12:04
Copilot AI reviewed Dec 28, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds Dependabot configuration to automatically manage GitHub Actions version updates for the repository. The configuration enables weekly automated pull requests to keep the GitHub Actions used in the validation workflow up-to-date.

  • Adds .github/dependabot.yml with GitHub Actions ecosystem configuration
  • Configures weekly update schedule for dependencies
  • Targets the workflow at .github/workflows/validate-plugins.yml which uses actions/checkout@v4 and dcarbone/install-jq-action@v2

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@ivan-magda ivan-magda merged commit cac07b3 into main Dec 28, 2025
11 checks passed
@ivan-magda ivan-magda deleted the copilot/configure-dependabot-updates branch December 28, 2025 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@ivan-magda ivan-magda ivan-magda approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@ivan-magda ivan-magda

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ivan-magda