Create dependabot.yml

Add dependabot checks.

- Monthly check for standard updates
- Weekly check for security udates

Author: codecapitano

.github/dependabot.yml

@@ -0,0 +1,24 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: 'npm'
+    directory: '/' 
+    schedule:
+      interval: 'monthly'
+    target-branch: 'main'
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: 'npm'
+    directory: '/' 
+    schedule:
+      interval: 'weekly' 
+    target-branch: 'main'
+    open-pull-requests-limit: 10
+    allow:
+      - dependency-type: "direct"
+        update-types: ["security"]
+