Dependabot is updating codeql-action a lot, sometimes multiple times a day. Can we ignore patch versions and just rely on minor?
https://github.com/flutter/engine/pulls?q=is%3Apr+is%3Aclosed+codeql-action

Use ignore: update-types: ["version-update:semver-minor"] in dependabot.yml

update-types—use to ignore types of updates, such as semver major, minor, or patch updates on version updates (for example: version-update:semver-patch will ignore patch updates). You can combine this with dependency-name: "*" to ignore particular update-types for all dependencies. Currently, version-update:semver-major, version-update:semver-minor, and version-update:semver-patch are the only supported options. Security updates are unaffected by this setting.

https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#specifying-dependencies-and-versions-to-ignore