This allows us to get updates for GitHub actions automatically. I have used this for my own packages as well as our Trixi.jl framework. After merging this, we should also enable other Dependabot actions in 'Settings -> Code security and analysis -> Dependabot alerts' and '... -> Dependabot security updates'.
See https://github.com/SciML/MuladdMacro.jl/pull/37
This allows us to get updates for GitHub actions automatically. I have used this for my own packages as well as our Trixi.jl framework. After merging this, we should also enable other Dependabot actions in 'Settings -> Code security and analysis -> Dependabot alerts' and '... -> Dependabot security updates'.