Update comments in Dependabot config to reflect support for action's GHA dependencies

per1234 · per1234 · commit 869cb9788a7b · 2023-03-25T02:37:05.000-07:00
Originally, Dependabot only provided support for managing the GitHub Actions action dependencies of workflows. The
comments in the Dependabot configuration file reflected that situation.

Composite actions can now use other actions and Dependabot will also manage those dependencies. The comments are
updated accordingly.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -2,11 +2,11 @@
 version: 2
 
 updates:
-  # Configure check for outdated GitHub Actions actions in workflows.
+  # Configure check for outdated GitHub Actions actions in workflows and action metadata.
   # Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/assets/dependabot/README.md
   # See: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot
   - package-ecosystem: github-actions
-    directory: / # Check the repository's workflows under /.github/workflows/
+    directory: /
     schedule:
       interval: daily
     labels:
