From a7e065ddb42f94a7e0a1448ab6e06f061bccb5e1 Mon Sep 17 00:00:00 2001
From: charles-chenzz <Rekles666@gmail.com>
Date: Tue, 3 Oct 2023 20:16:56 +0800
Subject: [PATCH] update dependabot to auto bump deps and enable CVE detect

---
 .github/dependabot.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 203f3c889..c14953d18 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,3 +4,11 @@ updates:
   directory: "/"
   schedule:
       interval: "weekly"
+
+- package-ecosystem: gomod
+  directory: "/"
+  schedule:
+    interval: "weekly"
+  open-pull-requests-limit: 10
+  vulnerability-alerts:
+    enabled: true
\ No newline at end of file