From abe830ffe749ef0d75e6139ac5e434dbf847b81d Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Thu, 29 Apr 2021 18:14:11 -0400
Subject: [PATCH] build: upgrade to GitHub-native Dependabot (#2665)

* Upgrade to GitHub-native Dependabot

* ci: add dependabot-auto-merge action

* ci: update job name

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Matan Kushner <hello@matchai.dev>
---
 .github/dependabot.yml                        | 23 +++++++++++++++++++
 .github/workflows/auto-merge.yml              | 14 +++++++++++
 ...{security_audit.yml => security-audit.yml} |  1 -
 .github/workflows/workflow.yml                |  1 -
 4 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/auto-merge.yml
 rename .github/workflows/{security_audit.yml => security-audit.yml} (99%)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..c0d36a0b
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,23 @@
+version: 2
+updates:
+- package-ecosystem: cargo
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+  labels:
+  - "\U0001F4E6 dependencies"
+- package-ecosystem: npm
+  directory: "/docs"
+  schedule:
+    interval: weekly
+  open-pull-requests-limit: 10
+  labels:
+  - "\U0001F4E6 dependencies"
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+  labels:
+  - "\U0001F4E6 dependencies"
diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
new file mode 100644
index 00000000..515de167
--- /dev/null
+++ b/.github/workflows/auto-merge.yml
@@ -0,0 +1,14 @@
+name: Dependabot
+
+on: [pull_request]
+
+jobs:
+  auto_merge:
+    name: Auto-merge Dependabot PRs
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          target: minor
+          github-token: ${{ secrets.DEPENDABOT_GITHUB_API_TOKEN }}
diff --git a/.github/workflows/security_audit.yml b/.github/workflows/security-audit.yml
similarity index 99%
rename from .github/workflows/security_audit.yml
rename to .github/workflows/security-audit.yml
index 9ab06e92..9a813022 100644
--- a/.github/workflows/security_audit.yml
+++ b/.github/workflows/security-audit.yml
@@ -1,4 +1,3 @@
----
 name: Security audit
 on:
   pull_request:
diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml
index 945ea176..114d3569 100644
--- a/.github/workflows/workflow.yml
+++ b/.github/workflows/workflow.yml
@@ -1,4 +1,3 @@
----
 name: Main workflow
 on:
   push: