From 89ac7c13fe2156a0c1d6f4e8cca1038095d2956d Mon Sep 17 00:00:00 2001
From: Ryan Eberhardt <reberhardt7@gmail.com>
Date: Tue, 24 Mar 2026 22:30:11 -0700
Subject: [PATCH] fix: harden GitHub Actions workflows (zizmor)

Add cooldown configuration (default-days: 7) to Dependabot updates
to prevent excessive update frequency and reduce CI load.
---
 .github/dependabot.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 85b3a123..137a3c84 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,3 +8,5 @@ updates:
     schedule:
       interval: yearly
     open-pull-requests-limit: 0
+    cooldown:
+      default-days: 7