Add note about dependabot

.github/workflows/pre-checkin.yml

@@ -2,9 +2,13 @@ name: pre-checkin
 
 on:
   push:
+    branches:
+      - 'master'
     paths-ignore:
       - '**.md'
   pull_request:
+    branches:
+      - 'master'
     paths-ignore:
       - '**.md'
 

README.md

@@ -23,6 +23,7 @@ ___
 * [Customizing](#customizing)
   * [inputs](#inputs)
   * [environment variables](#environment-variables)
+* [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot)
 * [How can I help?](#how-can-i-help)
 * [License](#license)
 
@@ -159,6 +160,22 @@ Following environment variables must be used as `step.env` keys
 | `GPG_PRIVATE_KEY`  | GPG private key exported as an ASCII armored version or its base64 encoding (**required**) |
 | `PASSPHRASE`       | Passphrase of the `GPG_PRIVATE_KEY` key if setted |
 
+## Keep up-to-date with GitHub Dependabot
+
+Since [Dependabot](https://docs.github.com/en/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot)
+has [native GitHub Actions support](https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#package-ecosystem),
+to enable it on your GitHub repo all you need to do is add the `.github/dependabot.yml` file:
+
+```yaml
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+```
+
 ## How can I help?
 
 All kinds of contributions are welcome :raised_hands:! The most basic way to show your support is to star :star2: the project, or to raise issues :speech_balloon: You can also support this project by [**becoming a sponsor on GitHub**](https://github.com/sponsors/crazy-max) :clap: or by making a [Paypal donation](https://www.paypal.me/crazyws) to ensure this journey continues indefinitely! :rocket: