ci(dependabot): prevent dependabot auto-merge

dschach · dschach · commit 740c85b55c9f · 2025-06-17T13:16:59.000-07:00
diff --git a/.github/workflows/dependabot-approve-and-auto-merge.yml b/.github/workflows/dependabot-approve-and-auto-merge.yml
@@ -1,4 +1,4 @@
-name: Dependabot Pull Request Approve and Merge
+name: Dependabot Pull Request Rename
 on: pull_request #_target
 permissions:
   pull-requests: write
@@ -32,40 +32,3 @@ jobs:
           parensClose="):"
           pr_title=$title_pt1$parensOpen$packagename$parensClose$title_pt2
           gh pr edit "$PR_URL" --title "$pr_title"
-
-  # Auto merge Dependabot PRs for:
-  # - patch updates on prod dependencies
-  # - minor updates on dev dependencies
-  dependabot-auto-merge:
-    needs: pull-request-title-change
-    # Only run for Dependabot PRs
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: 'Do not auto-merge'
-        run: exit 0
-
-      - name: 'Fetch Dependabot metadata'
-        id: dependabot
-        uses: dependabot/fetch-metadata@v2
-
-      - name: 'Check auto merge conditions'
-        id: auto-merge
-        if: |
-          (
-            steps.dependabot.outputs.update-type == 'version-update:semver-patch' &&
-            contains('direct:production,indirect:production', steps.dependabot.outputs.dependency-type)
-          ) || (
-            contains('version-update:semver-minor,version-update:semver-patch', steps.dependabot.outputs.update-type) &&
-            contains('direct:development,indirect:development', steps.dependabot.outputs.dependency-type)
-          )
-        run: echo "::notice ::auto-merge conditions satisfied"
-
-      - name: 'Approve and merge PR'
-        if: ${{ steps.auto-merge.conclusion == 'success' }}
-        run: |
-          gh pr review --approve "$PR_URL"
-          gh pr merge --auto --squash "$PR_URL"
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_URL: ${{ github.event.pull_request.html_url }}
