...
1name: Dependabot auto-merge
2
3on:
4 pull_request:
5
6permissions: read-all
7
8jobs:
9 dependabot:
10 permissions:
11 contents: write
12 pull-requests: write
13 runs-on: ubuntu-latest
14 if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
15 steps:
16 - name: Dependabot metadata
17 id: metadata
18 uses: dependabot/fetch-metadata@c9c4182bf1b97f5224aee3906fd373f6b61b4526 # v1.6.0
19 with:
20 github-token: ${{ secrets.GITHUB_TOKEN }}
21
22 - name: Enable auto-merge for Dependabot PRs
23 if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch' }}
24 run: gh pr merge --auto --squash "$PR_URL"
25 env:
26 PR_URL: ${{ github.event.pull_request.html_url }}
27 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
View as plain text