Add new, disabled dependabot ignore directive

mcdonnnj · mcdonnnj · commit 25fbe5691b42 · 2024-03-27T01:36:05.000-04:00
Add github/codeql-action to the github-actions ignore directives as it
is used in the CodeQL workflow. It is commented out in this project and
will be un-commented in downstream repositories so that only
cisagov/skeleton-ansible-role will have dependabot PRs created for
this dependency.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -19,6 +19,8 @@ updates:
       - dependency-name: hashicorp/setup-terraform
       - dependency-name: mxschmitt/action-tmate
       - dependency-name: step-security/harden-runner
+      # # Managed by cisagov/skeleton-ansible-role
+      # - dependency-name: github/codeql-action
     package-ecosystem: github-actions
     schedule:
       interval: weekly
