[npm-dev]: Bump @eslint/js from 9.14.0 to 9.18.0 #114
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Auto-merge Dependabot PR | |
| on: | |
| # Use the `pull_request_target` event instead of `pull_request`, | |
| # the workflow won't have access to secrets when use `pull_request` event | |
| pull_request_target: | |
| jobs: | |
| autoapprove: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Approve PR | |
| uses: hmarr/auto-approve-action@v4 | |
| with: | |
| github-token: ${{ secrets.M31_PAT }} | |
| review-message: 'Auto approved PR' | |
| automerge: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.actor == 'dependabot[bot]' }} # Only if the actor is Dependabot | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: Fetch Dependabot metadata | |
| id: meta | |
| uses: dependabot/fetch-metadata@v2 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Auto-merge PR | |
| # Auto-merge all Dependabot PRs with patch updates | |
| if: ${{ steps.meta.outputs.update-type == 'version-update:semver-patch' }} | |
| id: automerge | |
| uses: pascalgn/automerge-action@v0.16.4 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.M31_PAT }} | |
| MERGE_METHOD: 'squash' | |
| MERGE_LABELS: '' | |
| MERGE_COMMIT_MESSAGE: 'pull-request-title' | |
| MERGE_RETRIES: 3 | |
| - name: Post-merge PR | |
| if: ${{ steps.automerge.outputs.mergeResult == 'merged' }} | |
| run: gh pr comment --body 'Auto merged PR' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.M31_PAT }} |