enable Dependabot v2
https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/
Closes #5
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..8d062ce
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,30 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+version: 2
+updates:
+- package-ecosystem: maven
+ directory: "/"
+ schedule:
+ interval: daily
+ ignore:
+ - dependency-name: org.apache.maven:maven-core
+ versions:
+ - ">3.0.5"
+- package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "daily"
\ No newline at end of file