From 11718c557be7afa0542089c8bad72a2283e49b1a Mon Sep 17 00:00:00 2001
From: Carlos Gonzalez <carlos.gonzalez@codeplay.com>
Date: Tue, 28 May 2024 10:45:48 +0100
Subject: [PATCH] [CP-Sec] Dependabot PRs to be reviewed by Security managers
 team

---
 .github/dependabot.yml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 9124155..5dbd845 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -40,4 +40,15 @@ updates:
         versions: ["4.x", "5.x"]
       # For all packages, ignore all patch updates
       - dependency-name: "*"
-        update-types: ["version-update:semver-patch"] 
+        update-types: ["version-update:semver-patch"]
+  # Enable version updates for Github Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    groups:
+      github-actions:
+        patterns:
+          - "*"
+    reviewers:
+      - "codeplaysoftware/security-managers"