Create dependabot.yml & update code-owners

[mansueli]

What kind of change does this PR introduce?

Bug fix, feature, docs update, ...

What is the current behavior?

Please link any relevant issues here.

What is the new behavior?

Feel free to include screenshots if it includes visual changes.

Additional context

Add any other context or screenshots.

[sourcery-ai]

PR Type: Enhancement

PR Summary: This pull request introduces a new configuration file for Dependabot, aimed at automating dependency updates for both GitHub Actions and pip packages. The configuration specifies daily checks for updates, targeting the master branch for both ecosystems.

Decision: Comment

📝 Type: 'Enhancement' - not supported yet.

• Sourcery currently only approves 'Typo fix' PRs.

✅ Issue addressed: this change correctly addresses the issue or implements the desired feature.

No details provided.

✅ Small diff: the diff is small enough to approve with confidence.

No details provided.

General suggestions:

• Consider specifying the types of updates you want Dependabot to ignore, if any, to avoid unnecessary version bumps for certain dependencies.
• Evaluate if the 'master' branch is the most appropriate target for these updates, or if another branch might be more suitable for testing updates before merging them into the main codebase.
• It might be beneficial to include information in the PR description about the expected impact of this change, such as improved security or more efficient CI/CD processes, to provide more context for reviewers.

Thanks for using Sourcery. We offer it for free for open source projects and would be very grateful if you could help us grow. If you like it, would you consider sharing Sourcery on your favourite social media? ✨

Share Sourcery

• X
• Mastodon
• LinkedIn
• Facebook

---

Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.