From 602a168c292f22c8b33072a7c8d04c8bd7c23840 Mon Sep 17 00:00:00 2001
From: Steven Maude <git@stevenmaude.co.uk>
Date: Mon, 8 Aug 2022 13:02:07 +0100
Subject: [PATCH 1/2] Update GitHub Actions to latest version

---
 .github/workflows/ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 4d18e2e..b75abc5 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,7 +22,7 @@ jobs:
           echo github.event.changes.title.from=$CI_PR_PREV_TITLE
 
       - name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
           go-version: '~1.17.9'
         id: go
@@ -36,9 +36,9 @@ jobs:
           go env
 
       - name: Check out code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
-      - uses: actions/cache@v2
+      - uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}

From c8a9054bc80c1f4c53bd38f109f7a5910de37090 Mon Sep 17 00:00:00 2001
From: Steven Maude <git@stevenmaude.co.uk>
Date: Mon, 8 Aug 2022 13:02:32 +0100
Subject: [PATCH 2/2] Enable Dependabot

To track upgrades to GitHub Actions.

You can specify a `package-ecosystem` of `go.mod` but Dependabot doesn't
seem to correctly identify upgraded transitive dependencies, so leave
this for now.
---
 .github/dependabot.yml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..1230149
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"