From 06653b98c00b9a4bf21cd5e2cad03a68b7dff09a Mon Sep 17 00:00:00 2001
From: Wilken Rivera <wilken@hashicorp.com>
Date: Fri, 7 Apr 2023 13:44:26 -0400
Subject: [PATCH] Update allowed dependencies to track (#12355)

* Packer plugins rely on the Packer SDK for the majority of its HCL
dependency. To prevent issues with the version of go-cty or hcl/v2 pkg
getting out of sync this changes sets the allowed dependency to
packer-plugin-sdk only.

* HashiCorp is standardizing on pinning versions of allowed GitHub actions to prevent
the introduction of potential security issues. This change removes GitHub actions
from dependabot.
---
 .github/dependabot.yml | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 96502c2e1..bbf1c27f6 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -6,10 +6,4 @@ updates:
     interval: daily
   allow:
     - dependency-name: "github.com/hashicorp/packer-plugin-sdk"
-    - dependency-name: "github.com/hashicorp/hcl/v2"
-    - dependency-name: "github.com/zclconf/go-cty"
     - dependency-name: "github.com/hashicorp/hcp-sdk-go"
-- package-ecosystem: github-actions
-  directory: /
-  schedule:
-    interval: daily