diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..619e9bd4
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+# Referenced from:
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/Changes b/Changes
index 297728da..8b123d65 100644
--- a/Changes
+++ b/Changes
@@ -1,6 +1,8 @@
 CHANGES LOG
 -----------
 
+ - Added .github/dependabot.yml file to auto-update GitHub actions
+
 0.40.0
  - change permissions of STAR working directory to allow deletion by standard pipeline tools
  - add Dockerfile to create container with appropriate tools for basic analyses