Use dependabot for Ruby

You can get Dependabot to help you with keeping your Ruby dependencies up to date, if it is based on Bundler.

# Basic dependabot.yml file 
# REF: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot

version: 2
updates:
  # Maintain dependencies for Bundler (Ruby)
  - package-ecosystem: "bundler"
    directory: "/"
    schedule:
      interval: "weekly"

Resources and References

• Blog post
• GitHub Documentation, supported eco-systems
• GitHub Documentation: “Keeping your actions up to date with Dependabot”