chore(deps): bump dependabot/fetch-metadata from 2 to 3 #17
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot Auto-Merge | |
| on: pull_request | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| auto-merge: | |
| if: github.actor == 'dependabot[bot]' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fetch metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@v3 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Enable auto-merge for patch and minor updates | |
| if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' | |
| run: gh pr merge --auto --squash "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # GitHub Actions majors almost never bring breaking runtime changes for | |
| # consumers — they typically just drop old Node runtimes. Auto-merge | |
| # them too once required status checks pass. Npm / runtime majors still | |
| # require manual review. | |
| - name: Enable auto-merge for major github-actions updates | |
| if: steps.metadata.outputs.package-ecosystem == 'github_actions' && steps.metadata.outputs.update-type == 'version-update:semver-major' | |
| run: gh pr merge --auto --squash "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |