[ISSUE #4929] Auto approve when dependabot's branch is changed by com…

…mitters (#4930) * a more standard way to prevent creating dependabot PRs * approve if the PR author is dependabot
apache · Jun 3, 2024 · e520848 · e520848
1 parent b64d1e0
commit e520848
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -27,12 +27,13 @@ updates:
         update-types: [ "version-update:semver-major" ]
   - package-ecosystem: "gomod"
     directory: "eventmesh-sdks/eventmesh-sdk-go"
+    # Disabled temporarily since the Go SDK is not integrated with CI
+    open-pull-requests-limit: 0
     schedule:
       interval: "monthly"
     ignore:
       - dependency-name: "*"
-        # Disabled temporarily since the Go SDK is not integrated with CI
-        update-types: [ "version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch" ]
+        update-types: [ "version-update:semver-major", "version-update:semver-patch" ]
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

diff --git a/.github/workflows/auto-dependabot.yml b/.github/workflows/auto-dependabot.yml
@@ -27,7 +27,7 @@ jobs:
   # Pull request Auto merge is not enabled for this repository
   dependabot:
     runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
+    if: github.event.pull_request.user.login == 'dependabot[bot]'
     steps:
       - name: Dependabot metadata
         id: metadata