From 72762ec7d7833897b02dcde81f6e1a156bc31e30 Mon Sep 17 00:00:00 2001
From: Call Telemetry <57885211+calltelemetry-jason@users.noreply.github.com>
Date: Fri, 29 May 2026 15:11:58 -0300
Subject: [PATCH] chore(deps): add github-actions ecosystem to Dependabot

Keep SHA-pinned action refs current (grouped minor/patch, 3-day cooldown,
majors ignored) now that sha_pinning_required is enforced.
---
 .github/dependabot.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 5c00164..2699606 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -23,3 +23,24 @@ updates:
     ignore:
       - dependency-name: "*"
         update-types: ["version-update:semver-major"]
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+    # Keep the SHA-pinned action refs current (with changelogs) now that
+    # sha_pinning_required is enforced. One rolling PR for minor/patch.
+    groups:
+      github-actions:
+        patterns: ["*"]
+        update-types: ["minor", "patch"]
+    cooldown:
+      semver-minor-days: 3
+      semver-patch-days: 3
+    # Major action bumps stay human-reviewed.
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]