GitHub Actions: Use typisttech/.github/.github/workflows/dependabot-auto-merge.yml@v1 (#26)

tangrufus · web-flow · commit b96547fe10c9 · 2024-12-06T04:40:43.000Z
* GitHub Actions: Use `typisttech/.github/.github/workflows/dependabot-auto-merge.yml@v1`
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml
@@ -1,30 +1,21 @@
 # Taken from https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
 # and https://github.com/dependabot/fetch-metadata/blob/06ea45a2e4582d87b11f03c7ce596ae3261f39f6/README.md?plain=1#L133-L160
-name: Dependabot auto-merge
+name: Auto-merge Dependabot Pull Request
 
 on: pull_request
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
   cancel-in-progress: true
 
-permissions:
-  contents: write
-  pull-requests: write
+permissions: {}
 
 jobs:
   dependabot:
-    runs-on: ubuntu-latest
-    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'typisttech/comver'
-    steps:
-      - name: Dependabot metadata
-        id: dependabot-metadata
-        uses: dependabot/fetch-metadata@v2
-        with:
-          github-token: "${{ secrets.GITHUB_TOKEN }}"
-      - name: Enable auto-merge for Dependabot PRs
-        if: steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major'
-        run: gh pr merge --auto --merge "$PR_URL"
-        env:
-          PR_URL: ${{github.event.pull_request.html_url}}
-          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: typisttech/.github/.github/workflows/dependabot-auto-merge.yml@v1
+    with:
+      minor: true
+      patch: true
