From 3b73d8bcd091e8e7cb6e006767c3ff76eb2d9f61 Mon Sep 17 00:00:00 2001
From: Tatsat Mishra <tamishra@microsoft.com>
Date: Tue, 4 Feb 2025 17:59:17 +1300
Subject: [PATCH] Scan workflows for unpinned GitHub Actions.

---
 .github/dependabot.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b4a1e1d5d..265f1e088 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -20,3 +20,9 @@ updates:
     directory: "/template/workflows/manifests/.github/workflows"
     schedule:
       interval: "weekly"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "dependencies"