File tree Expand file tree Collapse file tree 3 files changed +8
-4
lines changed
Expand file tree Collapse file tree 3 files changed +8
-4
lines changed Original file line number Diff line number Diff line change 11version : 2
22updates :
3+ - package-ecosystem : github-actions
4+ directory : " /"
5+ schedule :
6+ interval : weekly
37 # Enable version updates for npm
48 - package-ecosystem : " npm"
59 # Look for `package.json` and `lock` files in the `root` directory
Original file line number Diff line number Diff line change @@ -15,13 +15,13 @@ jobs:
1515 working-directory : ./web
1616
1717 steps :
18- - uses : actions/checkout@v3
18+ - uses : actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
1919 with :
2020 submodules : recursive
2121 - name : Find any lock file
2222 run : if test -f ../yarn.lock || test -f ../pnpm-lock.yaml || test -f ../package-lock.json; then echo "Please don't commit lock files" && exit 1; fi
2323 - name : Use Node.js ${{ matrix.node-version }}
24- uses : actions/setup-node@v2
24+ uses : actions/setup-node@7c12f8017d5436eb855f1ed4399f037a36fbd9e8 # v2.5.2
2525 with :
2626 node-version : ${{ matrix.node-version }}
2727 - run : yarn install --ignore-engines
Original file line number Diff line number Diff line change 99 steps :
1010 - name : Dependabot metadata
1111 id : dependabot-metadata
12- uses : dependabot/fetch-metadata@v1
12+ uses : dependabot/fetch-metadata@8348ea7f5d949b08c7f125a44b569c9626b05db3 # v1.7.0
1313 with :
1414 github-token : " ${{ secrets.GITHUB_TOKEN }}"
1515 - name : Approve and merge Dependabot PRs for patch versions
1616 if : ${{github.event.workflow_run.conclusion == 'success' && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}}
17- uses : ridedott/merge-me-action@v2
17+ uses : ridedott/merge-me-action@94db76826489ddb8e3732265fd8f3cb9bf2b2c50 # v2.10.121
1818 with :
1919 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
You can’t perform that action at this time.
0 commit comments