Dependabot action upgrade increaseses version specificity

This morning I found to my surprise a number of emails from dependabot in my inbox.

I have made two observations based on these emails:

  1. Dependabot (non-preview) suddenly started working based on the already existing configuration in .github/dependabot.yml, which contains:
version: 2
- package-ecosystem: github-actions
  directory: "/"
    interval: daily
  open-pull-requests-limit: 10
  1. Suggested upgrades change from generic (rolling version) v2 to more specific v2.x.x - adding specificity.


Is the observed behaviour intended?

Partially related: Why dependabot tries to update actions from major to major.minor