martin/.github/workflows/dependabot.yml
dependabot[bot] d4f3144fb7
chore(deps): Bump dependabot/fetch-metadata from 1.3.6 to 1.4.0 (#639)
Bumps
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata)
from 1.3.6 to 1.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v1.4.0</h2>
<h2>New Features</h2>
<ul>
<li>feat: add option to skip internal verifications by <a
href="https://github.com/yeikel"><code>@​yeikel</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/336">dependabot/fetch-metadata#336</a></li>
</ul>
<h2>Bugfix</h2>
<ul>
<li>Allow leading <code>v</code> on commit message versions by <a
href="https://github.com/jonmcquillan"><code>@​jonmcquillan</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/338">dependabot/fetch-metadata#338</a></li>
</ul>
<h2>Dep Bumps</h2>
<ul>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.48.2 to
5.49.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/307">dependabot/fetch-metadata#307</a></li>
<li>Bump <code>@​types/yargs</code> from 17.0.19 to 17.0.20 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/308">dependabot/fetch-metadata#308</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.48.2 to 5.49.0
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/309">dependabot/fetch-metadata#309</a></li>
<li>Bump eslint from 8.32.0 to 8.33.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/315">dependabot/fetch-metadata#315</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.49.0 to 5.50.0
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/314">dependabot/fetch-metadata#314</a></li>
<li>Bump <code>@​types/yargs</code> from 17.0.20 to 17.0.22 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/312">dependabot/fetch-metadata#312</a></li>
<li>Bump <code>@​vercel/ncc</code> from 0.36.0 to 0.36.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/311">dependabot/fetch-metadata#311</a></li>
<li>Bump typescript from 4.9.4 to 4.9.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/313">dependabot/fetch-metadata#313</a></li>
<li>Bump yargs from 17.6.2 to 17.7.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/322">dependabot/fetch-metadata#322</a></li>
<li>Bump eslint from 8.33.0 to 8.35.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/321">dependabot/fetch-metadata#321</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.49.0 to
5.54.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/319">dependabot/fetch-metadata#319</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.50.0 to 5.54.0
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/320">dependabot/fetch-metadata#320</a></li>
<li>Bump <code>@​types/node</code> from 18.11.18 to 18.14.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/318">dependabot/fetch-metadata#318</a></li>
<li>Bump <code>@​types/node</code> from 18.14.2 to 18.15.11 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/324">dependabot/fetch-metadata#324</a></li>
<li>Bump eslint from 8.35.0 to 8.37.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/327">dependabot/fetch-metadata#327</a></li>
<li>Bump <code>@​types/yargs</code> from 17.0.22 to 17.0.24 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/326">dependabot/fetch-metadata#326</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.54.0 to 5.57.1
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/330">dependabot/fetch-metadata#330</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.54.0 to
5.57.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/329">dependabot/fetch-metadata#329</a></li>
<li>Bump eslint from 8.37.0 to 8.38.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/340">dependabot/fetch-metadata#340</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.57.1 to 5.59.0
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/341">dependabot/fetch-metadata#341</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.57.1 to
5.59.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/342">dependabot/fetch-metadata#342</a></li>
</ul>
<h2>Other</h2>
<ul>
<li>chore(ee): add devcontainer by <a
href="https://github.com/yeikel"><code>@​yeikel</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/337">dependabot/fetch-metadata#337</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/jonmcquillan"><code>@​jonmcquillan</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/338">dependabot/fetch-metadata#338</a></li>
<li><a href="https://github.com/yeikel"><code>@​yeikel</code></a> made
their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/337">dependabot/fetch-metadata#337</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.4.0">https://github.com/dependabot/fetch-metadata/compare/v1...v1.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="efb5c8deb1"><code>efb5c8d</code></a>
v1.4.0 (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/344">#344</a>)</li>
<li><a
href="e8685ee3f1"><code>e8685ee</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/342">#342</a>
from dependabot/dependabot/npm_and_yarn/typescript-es...</li>
<li><a
href="9ca898d8c8"><code>9ca898d</code></a>
Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.57.1 to
5.59.0</li>
<li><a
href="f2fbcde837"><code>f2fbcde</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/341">#341</a>
from dependabot/dependabot/npm_and_yarn/typescript-es...</li>
<li><a
href="1b2ca2fef8"><code>1b2ca2f</code></a>
Bump <code>@​typescript-eslint/parser</code> from 5.57.1 to 5.59.0</li>
<li><a
href="ffc304e015"><code>ffc304e</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/340">#340</a>
from dependabot/dependabot/npm_and_yarn/eslint-8.38.0</li>
<li><a
href="67395c4850"><code>67395c4</code></a>
Bump eslint from 8.37.0 to 8.38.0</li>
<li><a
href="6c2bf2fe33"><code>6c2bf2f</code></a>
feat: add option to skip internal verifications (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/336">#336</a>)</li>
<li><a
href="684ca1c3fd"><code>684ca1c</code></a>
Add devcontainer (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/337">#337</a>)</li>
<li><a
href="919f913865"><code>919f913</code></a>
Allow leading <code>v</code> on commit message versions (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/338">#338</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/v1.3.6...v1.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.3.6&new-version=1.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 13:48:42 -04:00

28 lines
944 B
YAML

name: Dependabot auto-merge
on: pull_request
permissions: write-all
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v1.4.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve Dependabot PRs
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
run: gh pr review --approve "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Enable auto-merge for Dependabot PRs
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
run: gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}