Fix CI gate: use pull_request_read get_check_runs instead of mergeable_state
mergeable_state is lazily computed and goes stale for inactive PRs.
The bulk list_pull_requests call never triggers recomputation, so old
Dependabot PRs always return 'unknown' — causing all PRs to be skipped.
Fix: use pull_request_read with method 'get_check_runs' (pull_requests
toolset) which directly returns check-run conclusions for the PR head
commit. Confirmed 9 check-runs (all success/skipped) for PR#112 and
PR#106 via this API. PR#101 has a failing check-run — correctly skipped.
.github/workflows/dependabot-major-review.md (2 additions & 2 deletions)
@@ -72,7 +72,7 @@ You will fetch and read external content from package registries, changelogs, re
72
72
These rules are absolute and must never be bypassed:
73
73
74
74
1.**Author verification:** ONLY process pull requests where the author login is EXACTLY `dependabot[bot]`. If the author is anyone else — even if the PR title looks like a Dependabot PR — skip it immediately. No exceptions.
75
-
2.**CI status:** ONLY process pull requests where `mergeable_state` is `"clean"`. Skip all others.
75
+
2.**CI status:** ONLY process pull requests where all check runs on the PR head commit have passed. Use `pull_request_read` with `method: "get_check_runs"` — skip PRs with any failing, cancelled, or pending checks, or zero check runs.
76
76
3.**Version bump scope:** Process PRs that are either (a) a major version bump for a single package, or (b) a multi-package PR (branch name contains `/multi-`). Skip single-package PRs that are pure patch or minor bumps — those are handled by the existing auto-merge workflow.
77
77
4.**Skip already-processed PRs:** If a PR already has the label `ai-approved-major-update`, skip it.
78
78
5.**Rate limit:** Process at most **10** PRs per run. Stop after reaching this limit.
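Review bot: The new rule 2 names only "failing, cancelled, or pending" checks as skip conditions, which is narrower than step 4 further down, where `"timed_out"` and `"action_required"` also cause a skip and `"skipped"` counts as acceptable. Because this list is introduced as absolute, an agent that reads only this rule could treat a timed-out run as neither failing nor pending. Suggest wording it as an allowlist that matches step 4, for example: skip unless at least one check run exists and every check run is completed with a conclusion of `"success"` or `"skipped"`.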
@@ -96,7 +96,7 @@ For each candidate PR, perform the following checks in order. If any check fails
96
96
- Single package: "Bump <package> from <old> to <new>" — parse semver, only proceed if major version increased OR if this is a multi-package PR
97
97
- Multi-package: "Bump <package> in <path>" with a branch name containing `/multi-` — these have multiple packages updated together and `fetch-metadata` returns null for `update-type`. **Always process these** regardless of version increment — the AI must analyze the diff to determine all version changes
98
98
- If the title is a single-package bump where the major version has NOT increased (pure patch/minor), skip it — the existing auto-merge workflow handles those
99
-
4.**CI status:**Check the `mergeable_state` field on the PR object (available from `get_pull_request` in the `pull_requests` toolset). Only proceed if `mergeable_state` is exactly `"clean"` — this means GitHub has evaluated all branch protection checks and they passed with no merge conflicts. Any other value (`"blocked"`, `"dirty"`, `"unstable"`, `"behind"`, `"unknown"`) means CI is failing, pending, or there are conflicts — skip the PR entirely and report the `mergeable_state` value in your summary.
99
+
4.**CI status:**Use `pull_request_read` with `method: "get_check_runs"` (from the `pull_requests` toolset) to get all check runs for the PR's head commit. Every check run must have a `conclusion` of `"success"` or `"skipped"`. At least one check run must exist. If there are zero check runs, or any check run has a conclusion of `"failure"`, `"cancelled"`, `"timed_out"`, or `"action_required"`, or any check run has `status != "completed"` (still running), skip the PR entirely.
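Review bot: The new step 4 drops the merge-conflict signal that the removed `mergeable_state` text relied on ("passed with no merge conflicts"), so a PR with green checks but a conflicting or out-of-date branch now passes this gate; add an explicit conflict check or state where that is enforced. The enumerated skip list (`"failure"`, `"cancelled"`, `"timed_out"`, `"action_required"`) also omits the `"neutral"` and `"stale"` conclusions that GitHub check runs can report, which an agent may read as exhaustive even though the preceding sentence is an allowlist; phrase it as "any conclusion other than `"success"` or `"skipped"`". In addition, "At least one check run must exist" is satisfied when every run is `"skipped"`, so consider requiring at least one `"success"`. The removed text asked for the skip reason to be reported in the summary, and the replacement no longer does; keep that so skipped PRs remain auditable.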