From 633adac34ef5bec05d780647e887e3507ee91cc6 Mon Sep 17 00:00:00 2001
From: Sara Damiano <sdamiano@stroudcenter.org>
Date: Thu, 8 Aug 2024 13:07:58 -0400
Subject: [PATCH] Add dependabot checks, update actions

Signed-off-by: Sara Damiano <sdamiano@stroudcenter.org>
---
 .github/dependabot.yml                 | 14 ++++++++++++++
 .github/workflows/update_libraries.yml |  2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..e3e1cb3
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,14 @@
+version: 2
+updates:
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+    labels:
+      - 'CI/CD'
+    commit-message:
+      prefix: ci
+  - package-ecosystem: "gitsubmodule"
+    directory: "/"
+    schedule:
+      interval: 'weekly'
diff --git a/.github/workflows/update_libraries.yml b/.github/workflows/update_libraries.yml
index 4c7bf67..4a550c1 100644
--- a/.github/workflows/update_libraries.yml
+++ b/.github/workflows/update_libraries.yml
@@ -15,7 +15,7 @@ jobs:
 
     steps:
       # check out the repo
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           ref: master
           submodules: false