From b676aeb6941b234a6dd58bb2fb59d2cfd3e5abe2 Mon Sep 17 00:00:00 2001
From: Nara Kasbergen Kwon <855115+xiehan@users.noreply.github.com>
Date: Thu, 26 Sep 2024 17:59:33 +0200
Subject: [PATCH] build: Set up Dependabot for go security updates (#35499)

---
 .github/dependabot.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 546a004d46..f6518ebdbb 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,5 +1,15 @@
 version: 2
 updates:
+  - package-ecosystem: gomod
+    directory: /
+    schedule:
+      interval: daily
+    labels:
+      - dependencies
+      - go
+      - security
+    # Disable regular version updates and only use Dependabot for security updates
+    open-pull-requests-limit: 0
   - package-ecosystem: github-actions
     directory: /
     schedule: