Bump github/codeql-action from 2 to 3 #225
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request | |
| # Auto merge Dependabot PRs which are minor or patch-level semver changes | |
| name: Dependabot auto-merge | |
| on: pull_request | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| jobs: | |
| dependabot: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/[email protected] | |
| with: | |
| github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| - name: Enable auto-merge for Dependabot PRs | |
| # Be cautious and just auto-merge patch updates for now | |
| # if: ${{steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch'}} | |
| if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}} | |
| run: gh pr merge --auto --merge "$PR_URL" | |
| env: | |
| PR_URL: ${{github.event.pull_request.html_url}} | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} |