From 644e0beea9b6c1a77e11ad5564ae8ffca5647f07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Pedersen?= Date: Tue, 19 Sep 2023 16:39:13 +0200 Subject: [PATCH 1/2] Add some grouping to dependabot --- .github/dependabot.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d5b07d944..a6798e87e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -17,6 +17,16 @@ updates: # Increase the version requirements # only when required versioning-strategy: increase-if-necessary + groups: + angular: + patterns: + - "@angular*" + update-types: + - "minor" + - "patch" + ignore: + - dependency-name: "@angular*" + update-types: ["version-update:semver-major"] labels: - "dependencies" - "npm" From 5d0d8479be6c5ebdba81255a116b4bb80603eb52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Pedersen?= Date: Tue, 19 Sep 2023 17:19:35 +0200 Subject: [PATCH 2/2] Create dependabot-auto-merge.yml --- .github/workflows/dependabot-auto-merge.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/dependabot-auto-merge.yml diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml new file mode 100644 index 000000000..1f4a2eebb --- /dev/null +++ b/.github/workflows/dependabot-auto-merge.yml @@ -0,0 +1,19 @@ +name: Dependabot auto-merge +on: pull_request_target +permissions: + pull-requests: write + contents: write +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1 + - name: Enable auto-merge for Dependabot PRs + if: steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}} + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GH_TOKEN: ${{secrets.GITHUB_TOKEN}}