From 24dc8df5f6abcb2da382b2a6399dcb57094c0d74 Mon Sep 17 00:00:00 2001
From: Eliah Kagan
Date: Thu, 17 Apr 2025 00:23:35 -0400
Subject: [PATCH] Enable Dependabot version updates for Rust

This enables grouped Dependabot version updates for Rust (`cargo`) dependencies. Previously, only GitHub Actions dependencies were updated with Dependabot in this repository; see ed59e97 (#43).

The updates are grouped. So there is one Dependabot version update PR for Rust dependencies per month, unless:

- The Dependabot update check is manually triggered, *or*
- `dependabot.yml` is changed (any change reruns update checks).

Because Dependabot security updates are enabled, pull requests shall still be opened for those, immediately when an advisory enters the GHSA database, provided that Dependabot is actually able to create the update. (Dependabot security updates are separate from Dependabot version updates.)

--- .github/dependabot.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 406da2e..9f3213e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,5 +1,12 @@ version: 2 updates: +- package-ecosystem: cargo + directory: '/' + schedule: + interval: monthly + groups: + cargo: + patterns: ['*'] - package-ecosystem: github-actions directory: '/' schedule:
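
Review bot: the `cargo` group added under `groups:` matches `patterns: ['*']` with no `update-types` restriction, so semver-major bumps land in the same monthly PR as minor and patch bumps, and one breaking update can hold back every other update in that PR. Consider limiting the group with `update-types: [minor, patch]` so that major updates open as their own PRs (or go into a second group). A short comment above the new entry would also help, noting that the group is for version updates and that security updates still arrive separately, since that is explained in the commit message but not in the file itself.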