From: Anil Belur Date: Thu, 15 Jan 2026 22:17:13 +0000 (+1000) Subject: chore: Update actions to latest and add dependabot X-Git-Tag: v0.10.0^0 X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F60%2F74060%2F2;p=releng%2Fdocs-conf.git chore: Update actions to latest and add dependabot Update GitHub Actions to latest versions: - actions/checkout: v6.0.0 -> v6.0.2 (de0fac2) - actions/setup-python: v6.0.0 -> v6.1.0 (8367a89) Add dependabot.yml configuration for automated weekly GitHub Actions dependency updates. Change-Id: I70dd240a3c5cf5f0cfd7aaf056e9da09f75d848d Signed-off-by: Anil Belur --- diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..db5207a --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,15 @@ +--- +# SPDX-FileCopyrightText: 2026 The Linux Foundation +# SPDX-License-Identifier: Apache-2.0 + +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3b61b12..6db1300 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,9 +10,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.8" - name: Build package distribution files