Onboarding v4: design feedback round 2 #2715
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot auto-approve and auto-merge | |
| on: pull_request | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| dependabot: | |
| runs-on: ubuntu-latest | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a # v2.5.0 | |
| with: | |
| github-token: '${{ secrets.GITHUB_TOKEN }}' | |
| - name: Enable auto-merge for npm updates | |
| if: steps.metadata.outputs.package-ecosystem == 'npm' | |
| run: gh pr merge --auto --merge "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Auto-approve npm patch updates (except ignored packages) | |
| if: | | |
| steps.metadata.outputs.package-ecosystem == 'npm' && | |
| steps.metadata.outputs.update-type == 'version-update:semver-patch' && | |
| !contains(steps.metadata.outputs.dependency-names, '@atlaskit/pragmatic-drag-and-drop') && | |
| !contains(steps.metadata.outputs.dependency-names, 'preact') && | |
| !contains(steps.metadata.outputs.dependency-names, '@preact/signals') && | |
| !contains(steps.metadata.outputs.dependency-names, 'lottie-web') | |
| run: gh pr review --approve "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Request Cursor review | |
| if: github.event.action == 'opened' | |
| run: | | |
| gh pr comment "$PR_URL" --body "**Suggested comment for Cursor review** (copy and paste as a new comment): | |
| \`\`\` | |
| @cursoragent can you review against the current code and outline potential impacts based on the changelogs of the update? | |
| Can you check the test coverage and ensure that the new code is covered? | |
| Can you think through if this dependency is still needed or if there's better practices used elsewhere. | |
| Can you draft a separate PR with any fixes that might be needed? | |
| \`\`\` | |
| *Note: GitHub Actions bot cannot trigger Cursor agent directly. Please copy the above comment to invoke the review.*" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |