From 91ab336d3d2e867ad9c89207bf328311196c3ac5 Mon Sep 17 00:00:00 2001
From: James Zern <jzern@google.com>
Date: Wed, 8 May 2024 10:10:58 -0700
Subject: [PATCH] add .github/dependabot.yml (#1060)

* add .github/dependabot.yml

This attempts to group all security related fixes for docs/ gems
into one PR on a monthly basis.

* clear yamllint warnings

ignoring 'document-start'
---
 .github/dependabot.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..b27c4f2a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/doc"
+    schedule:
+      interval: "monthly"
+    groups:
+      doc-gems-security:
+        applies-to: "security-updates"
+        patterns:
+          - "*"