From d4d856767d89faf6e9ebae069671a9151c2c7f31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 20:13:49 +0200 Subject: [PATCH 1/2] build(deps): bump pre-commit from 3.5.0 to 4.0.1 (#2464) Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 3.5.0 to 4.0.1. - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](https://github.com/pre-commit/pre-commit/compare/v3.5.0...v4.0.1) --- updated-dependencies: - dependency-name: pre-commit dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Moritz --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index f8e9c3bc6..30a117cbb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -114,7 +114,7 @@ dev = [ # we want all developer environments to be consistent. # These dependencies are not used in production environments # and should not conflict with other libraries/tooling. - "pre-commit==3.5.0", + "pre-commit==4.0.1", "pytest==8.0.0", "pytest-sugar==1.0.0", "pytest-instafail==0.5.0", From 24236dda0e1d088ea5840f4b89f234882cc97d01 Mon Sep 17 00:00:00 2001 From: Soufiane Fariss Date: Wed, 23 Oct 2024 00:05:39 +0200 Subject: [PATCH 2/2] ci: skip changelog.yml when PR author is `dependabot` --- .github/workflows/changelog.yml | 5 ++++- CHANGELOG.md | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 8bf5d67cc..20914f43f 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -13,7 +13,10 @@ permissions: jobs: check_changelog: # no need to check for dependency updates via dependabot - if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' + # github.event.pull_request.user.login refers to PR author + if: | + github.event.pull_request.user.login != 'dependabot[bot]' && + github.event.pull_request.user.login != 'dependabot-preview[bot]' runs-on: ubuntu-latest env: NO_CHANGELOG: '[x] No CHANGELOG update needed' diff --git a/CHANGELOG.md b/CHANGELOG.md index 65d339590..d2decf6ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -186,6 +186,7 @@ Special thanks to our repeat and new contributors: - CI: update tests.yml workflow to exclude web and documentation files #2263 @s-ff - CI: update build.yml workflow to exclude web and documentation files #2270 @s-ff - CI: add web releases workflow #2455 @s-ff +- CI: skip changelog.yml for dependabot PRs #2471 ### Raw diffs