martin/.github/workflows/dependabot.yml

name: Dependabot auto-merge
on: pull_request

permissions: write-all

jobs:
  dependabot:
    runs-on: ubuntu-latest
    if: ${{ github.actor == 'dependabot[bot]' }}
    steps:
      - name: Dependabot metadata
        id: metadata
        uses: dependabot/fetch-metadata@v1.6.0
        with:
          github-token: "${{ secrets.GITHUB_TOKEN }}"
      - name: Approve Dependabot PRs
        if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
        run: gh pr review --approve "$PR_URL"
        env:
          PR_URL: ${{github.event.pull_request.html_url}}
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
      - name: Enable auto-merge for Dependabot PRs
        if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
        run: gh pr merge --auto --squash "$PR_URL"
        env:
          PR_URL: ${{github.event.pull_request.html_url}}
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
ci: enable dependabot auto-merge (#337) 2022-05-27 14:46:48 +03:00			`name: Dependabot auto-merge`
			`on: pull_request`

Auto approve Dependabot semver patch PRs (#368) 2022-07-29 12:20:37 +03:00			`permissions: write-all`
ci: enable dependabot auto-merge (#337) 2022-05-27 14:46:48 +03:00
			`jobs:`
			`dependabot:`
			`runs-on: ubuntu-latest`
			`if: ${{ github.actor == 'dependabot[bot]' }}`
			`steps:`
			`- name: Dependabot metadata`
			`id: metadata`
chore(deps): Bump dependabot/fetch-metadata from 1.5.1 to 1.6.0 (#732) Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.5.1 to 1.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v1.6.0</h2> <h2>What's Changed</h2> <ul> <li>Add <code>.vscode</code> folder to <code>.gitignore</code> by <a href="https://github.com/timothy-humphrey"><code>@timothy-humphrey</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/385">dependabot/fetch-metadata#385</a></li> <li>Support for Grouped Updates by <a href="https://github.com/Nishnha"><code>@Nishnha</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/396">dependabot/fetch-metadata#396</a></li> <li>v1.6.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/403">dependabot/fetch-metadata#403</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/timothy-humphrey"><code>@timothy-humphrey</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/385">dependabot/fetch-metadata#385</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.6.0">https://github.com/dependabot/fetch-metadata/compare/v1...v1.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/c9c4182bf1b97f5224aee3906fd373f6b61b4526"><code>c9c4182</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/403">#403</a> from dependabot/bump-to-v1.6.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/aa6ff64b72d79c8898ba437585d858cedbdff4b7"><code>aa6ff64</code></a> v1.6.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/62c4c8daf6001bfb53981d26a48963905e44da12"><code>62c4c8d</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/396">#396</a> from dependabot/nishnha/grouped-updates-support</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/11c0ea46b84ffe4f9b29d1e1742ba1604045b2a5"><code>11c0ea4</code></a> build</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b8e8f8c79b53f5dff2baa6697bc5ff9a9cd133ae"><code>b8e8f8c</code></a> Pull the group name from commit metadata</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b534cb5e81bd66664f33772f7d740d370980104d"><code>b534cb5</code></a> FIXME: prevVersion and newVersion are blank for grouped updates</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/9e8fb5b31bffc46285ed71aef2a5e7d878ad4f10"><code>9e8fb5b</code></a> Add tests for grouped updates</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b3648a31bdf3be13e26ccd15deac77954f1dd3b1"><code>b3648a3</code></a> Use commit data to infer dependency groups instead of the PR body</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/cfab22f69939bf74599938bd77e77c4d80b9f59f"><code>cfab22f</code></a> Add dependency group metadata</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/73e8a46e9eb58d059b586e1a7254233f262eafb6"><code>73e8a46</code></a> Add <code>.vscode</code> folder to <code>.gitignore</code> (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/385">#385</a>)</li> <li>See full diff in <a href="https://github.com/dependabot/fetch-metadata/compare/v1.5.1...v1.6.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.5.1&new-version=1.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2023-06-28 09:15:12 +03:00			`uses: dependabot/fetch-metadata@v1.6.0`
ci: enable dependabot auto-merge (#337) 2022-05-27 14:46:48 +03:00			`with:`
			`github-token: "${{ secrets.GITHUB_TOKEN }}"`
Auto approve Dependabot semver patch PRs (#368) 2022-07-29 12:20:37 +03:00			`- name: Approve Dependabot PRs`
			`if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}`
			`run: gh pr review --approve "$PR_URL"`
			`env:`
			`PR_URL: ${{github.event.pull_request.html_url}}`
			`GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}`
ci: enable dependabot auto-merge (#337) 2022-05-27 14:46:48 +03:00			`- name: Enable auto-merge for Dependabot PRs`
			`if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}`
ci: use squash instead of merge when auto-merging Dependabot PRs (#360) use squash instead of merge when auto-merging Dependabot PRs 2022-07-02 15:08:59 +03:00			`run: gh pr merge --auto --squash "$PR_URL"`
ci: enable dependabot auto-merge (#337) 2022-05-27 14:46:48 +03:00			`env:`
			`PR_URL: ${{github.event.pull_request.html_url}}`
			`GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}`