Add dependabot dependency checking for actions.

Scott Straughan · Scott Straughan · commit def579f2fd2b · 2025-03-07T08:50:46.000Z
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,3 +5,7 @@ updates:
     directory: ''/'
     schedule:
       interval: 'weekly'
+  - package-ecosystem: 'github-actions'
+    directory: ''/'
+    schedule:
+      interval: 'weekly'
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -38,7 +38,7 @@ jobs:
       uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@2.20.6
+      uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -54,6 +54,6 @@ jobs:
         exit 1
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@2.20.6
+      uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c
       with:
         category: "/language:${{matrix.language}}"
