[CI] Added Dependabot for GitHub Actions

[AlexandreSinger]

Our CI uses external GitHub Actions for different things such as checking out the repo. This updates Dependabot to check for updates to these actions and raise a PR whenever there is an update.

@coderabbitai review

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions dependency management configuration to enable weekly update checks.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[AlexandreSinger]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Walkthrough

This pull request adds a new Dependabot configuration entry for GitHub Actions with weekly update intervals to .github/dependabot.yml, enabling automated dependency management for workflow files in the repository.

Changes

Cohort / File(s)	Change Summary
Dependabot Configuration \.github/dependabot\.yml	Adds new Dependabot update entry for GitHub Actions with weekly scheduling interval

Suggested reviewers

• AmirhosseinPoolad

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding Dependabot configuration for GitHub Actions updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature-ci

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9ebcd5c and 19a5f8f.

📒 Files selected for processing (1)

• .github/dependabot.yml (1 hunks)

🔇 Additional comments (1)

.github/dependabot.yml (1)

14-20: LGTM! Good addition for automated GitHub Actions updates.

The Dependabot configuration for GitHub Actions is correctly structured and will help keep workflow dependencies up to date. The weekly schedule is a sensible choice.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[AmirhosseinPoolad]

This looks okay to me, but do you want to wait until 2026 to merge this in case something goes wrong and there's no one available to fix things?

[AlexandreSinger]

This looks okay to me, but do you want to wait until 2026 to merge this in case something goes wrong and there's no one available to fix things?

Thanks Amir, I do not predict this to cause any explosions beyond just making it so we do not update dependencies for a month. I will monitor it for the next week. It should be ok.

[AlexandreSinger]

Looks like it worked, lol