copy dependabot.yml and maven.yml from github example

.github/dependabot.yml

@@ -31,12 +31,7 @@ updates:
       interval: "weekly"
 
   # branch - dependabot testing
-  - package-ecosystem: "maven"
-    directory: "/"
-#    labels:
-#      - "dependencies"
-#      - "v1.x"
-    target-branch: "dependabot-testing-from-github"
+  - package-ecosystem: "github-actions"
+    directory: /
     schedule:
       interval: "daily"
-      time: "04:10"

.github/workflows/maven.yml

@@ -14,18 +14,10 @@ permissions:
 jobs:
   dependabot:
     runs-on: ubuntu-latest
-    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'owner/my_repo'
+    if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Dependabot metadata
-        id: dependabot-metadata
-        uses: dependabot/fetch-metadata@v2
-        with:
-          alert-lookup: true
-          github-token: "${{ secrets.PAT_TOKEN }}"
       - name: Enable auto-merge for Dependabot PRs
-        #if: ${{steps.dependabot-metadata.outputs.cvss == 'true' || (steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor')}}
-        if: steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'
         run: gh pr merge --auto --merge "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
-          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}