Add GH Action for Dependabot validation (#144)

tomschr · web-flow · commit e82585ad101e · 2026-01-27T11:16:25.000+01:00
* Add open-pull-requests-limit
* Add cooldown period
* Add labels
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,8 +5,22 @@
 
 version: 2
 updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    open-pull-requests-limit: 5
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    assignees:
+      - "tomschr"
+    cooldown:
+      # https://docs.github.com/en/code-security/reference/supply-chain-security/dependabot-options-reference#cooldown-
+      default-days: 5
+    labels:
+      - "area:dependencies"
+
   - package-ecosystem: "pip"
-    directory: "/" # Location of your pyproject.toml
+    directory: "/"
     schedule:
       interval: "weekly"
     allow:
diff --git a/changelog.d/144.infra.rst b/changelog.d/144.infra.rst
@@ -0,0 +1 @@
+Enable GitHub Action for Dependabot config validation.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Enable GitHub Action for Dependabot config validation.`