From 9e26471590e21733613373d6b37aa7204f26dfca Mon Sep 17 00:00:00 2001
From: Diogo Teles Sant'Anna <diogoteles@google.com>
Date: Tue, 31 Oct 2023 16:03:40 -0300
Subject: [PATCH] Create dependabot.yml

Enable dependabot for security updates for github actions and gradle
---
 .github/dependabot.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000000..73a0787ef2
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,15 @@
+version: 2
+updates:
+
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    # Workflow files stored in the default location of `.github/workflows`. (No need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.)
+    directory: "/"
+    # Disable version updates, making dependabot act only for Security Updates
+    open-pull-requests-limit: 0
+
+  # Maintain Gradle Dependencies
+  - package-ecosystem: "gradle"
+    directory: "/"
+    # Disable version updates, making dependabot act only for Security Updates
+    open-pull-requests-limit: 0