Add dependabot

fix

Author: GarrettBeatty

.github/dependabot.yml

@@ -0,0 +1,13 @@
+# Set update schedule for GitHub Actions
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every week
+      interval: "weekly"
+    labels:
+      - "Release Not Needed
+    target-branch: "v4sdk-development"

.github/workflows/semgrep-analysis.yml

@@ -35,7 +35,7 @@ jobs:
             p/owasp-top-ten
 
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 #v3.28.15
         with:
           sarif_file: semgrep.sarif
         if: always()