Skip to content

Commit 2c803cf

Browse files
committed
Add explicit fetch-metadata step to fix auto-merge with pull_request_target
With pull_request_target, the fastify action's internal fetch-metadata call returns empty UPDATE_TYPE/DEPENDENCY_TYPE/DEPENDENCY_NAMES, causing the semver check to fail. Explicitly fetch metadata and pass as env vars.
1 parent fa30114 commit 2c803cf

1 file changed

Lines changed: 11 additions & 1 deletion

File tree

.github/workflows/dependabot-auto-merge.yaml

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,12 +31,22 @@ jobs:
3131

3232
# repo: https://github.com/actions/checkout
3333
# releases: https://github.com/actions/checkout/tags
34-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.1 released on 02-12-2025
34+
# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.1 released on 02-12-2025
35+
36+
# repo: https://github.com/dependabot/fetch-metadata
37+
# releases: https://github.com/dependabot/fetch-metadata/tags
38+
- name: Dependabot metadata
39+
id: dependabot-metadata
40+
uses: dependabot/fetch-metadata@ffa630c65fa7e0ecfa0625b5ceda64399aea1b36 # v3.0.0
3541

3642
# repo: https://github.com/fastify/github-action-merge-dependabot
3743
# releases: https://github.com/fastify/github-action-merge-dependabot/tags
3844
# The action waits for required status checks by default
3945
- uses: fastify/github-action-merge-dependabot@1b2ed42db8f9d81a46bac83adedfc03eb5149dff # v3.11.2 released on 03-10-2025
46+
env:
47+
UPDATE_TYPE: ${{ steps.dependabot-metadata.outputs.update-type }}
48+
DEPENDENCY_TYPE: ${{ steps.dependabot-metadata.outputs.dependency-type }}
49+
DEPENDENCY_NAMES: ${{ steps.dependabot-metadata.outputs.dependency-names }}
4050
with:
4151
# github-token: ${{ secrets.TOKEN_AUTOMERGE }}
4252
# Using built-in GITHUB_TOKEN for better security (auto-scoped, auto-expires)

0 commit comments

Comments
 (0)