From ad59d7045244286e8d69a78bd581acb6cc7b9dcd Mon Sep 17 00:00:00 2001
From: Silvan Mosberger <silvan.mosberger@tweag.io>
Date: Thu, 7 Nov 2024 00:59:56 +0100
Subject: [PATCH] Ensure dependabot doesn't break over time

The automated GitHub workflow updates were broken for some time due to dependabot's images fetched
at runtime went out of sync with the binary.

While updating dependabot fixed it for now, a more permanent fix is to use the version of dependabot
that pins the images at build time, introduced in
https://github.com/NixOS/nixpkgs/pull/352866 and https://github.com/NixOS/nixpkgs/pull/354085
---
 default.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/default.nix b/default.nix
index bb51019..ba7ef88 100644
--- a/default.nix
+++ b/default.nix
@@ -132,7 +132,8 @@ let
           githubActions = pkgs.writeShellApplication {
             name = "update-github-actions";
             runtimeInputs = with pkgs; [
-              dependabot-cli
+              dependabot-cli.withDockerImages
+              docker
               jq
               github-cli
               coreutils