Skip to content

chore(deps): Bump github/codeql-action from 3.27.5 to 3.27.6 #1731

chore(deps): Bump github/codeql-action from 3.27.5 to 3.27.6

chore(deps): Bump github/codeql-action from 3.27.5 to 3.27.6 #1731

# Based on https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
name: Dependabot auto-merge
on: pull_request_target
permissions:
pull-requests: write
contents: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
# Automatically merge semver-patch and semver-minor PRs
if:
"${{ steps.metadata.outputs.update-type ==
'version-update:semver-minor' ||
steps.metadata.outputs.update-type ==
'version-update:semver-patch' }}"
run: gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}