5c33c5608a
Bumps the github-actions-minor-patch group with 1 update: [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata).
Updates `dependabot/fetch-metadata` from 2.3.0 to 2.5.0
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](d7267f607e...21025c705c)
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-version: 2.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
name: Dependabot Auto Merge
|
|
|
|
on:
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
concurrency:
|
|
group: dependabot-auto-merge-${{ github.event.pull_request.number }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
auto_merge:
|
|
if: github.event.pull_request.user.login == 'dependabot[bot]'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Fetch Dependabot metadata
|
|
id: metadata
|
|
uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Enable auto-merge for patch and minor updates
|
|
if: |
|
|
steps.metadata.outputs.update-type == 'version-update:semver-patch' ||
|
|
steps.metadata.outputs.update-type == 'version-update:semver-minor'
|
|
run: gh pr merge --auto --merge "$PR_URL"
|
|
env:
|
|
PR_URL: ${{ github.event.pull_request.html_url }}
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Keep major updates for manual review
|
|
if: steps.metadata.outputs.update-type == 'version-update:semver-major'
|
|
run: echo "Major version update detected. Auto-merge is intentionally disabled."
|