Create dependabot.yml

.github/dependabot.yml

@@ -0,0 +1,13 @@
+# Configuration options: https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    # Directory must be set to "/" to check for workflow files in .github/workflows
+    directory: "/"
+    # Check for updates to GitHub Actions once a week
+    schedule:
+      interval: "weekly"
+    # Limit the amout of open PR's (default = 5, disabled = 0, security updates are not impacted)
+    open-pull-requests-limit: 2