From 70752d8a0955aa87f6a01cb67a6c7655567c49e3 Mon Sep 17 00:00:00 2001
From: David Sanders <dsanders11@ucsbalum.com>
Date: Fri, 3 Apr 2026 23:02:50 -0700
Subject: [PATCH] chore: use Dependabot to update GitHub Actions deps

---
 .github/dependabot.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..4d37709
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,24 @@
+version: 2
+updates:
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: "monthly"
+  cooldown:
+    default-days: 7
+  groups:
+    # Creates a separate PR for each non-security-related major update.
+    major-version-updates:
+      applies-to: "version-updates"
+      group-by: "dependency-name"
+      update-types: ["major"]
+
+    # Creates a single PR with all non-security-related minor/patch updates.
+    non-major-version-updates:
+      applies-to: "version-updates"
+      update-types: ["minor", "patch"]
+
+    # Creates a single PR with all security-related updates.
+    security-updates:
+      applies-to: "security-updates"
+      update-types: ["major", "minor", "patch"]