chore(deps): bump deps to clear dependabot alerts #673
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Update Lockfiles (Podfile.lock)' | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - '.github/workflows/update-lockfiles.yml' | |
| pull_request: | |
| paths: | |
| - '.github/workflows/update-lockfiles.yml' | |
| - 'package.json' | |
| - '**/package.json' | |
| permissions: | |
| contents: write | |
| env: | |
| # Opt actions still on Node 20 into the runner's Node 24 instead. | |
| # https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/ | |
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: 'true' | |
| jobs: | |
| update-lockfiles: | |
| name: 'Update lockfiles (Podfile.lock)' | |
| if: github.actor == 'dependabot[bot]' | |
| runs-on: macOS-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - uses: ./.github/actions/setup-bun | |
| - name: Setup Ruby (bundle) | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 3.3 | |
| bundler-cache: true | |
| working-directory: example/ios | |
| - name: Install clang-format (required by pre-commit hook) | |
| run: brew install clang-format | |
| - run: | | |
| bun install | |
| cd example | |
| bundle install | |
| bun pods | |
| git add ios/Podfile.lock | |
| cd .. | |
| git config --global user.name 'dependabot[bot]' | |
| git config --global user.email 'dependabot[bot]@users.noreply.github.com' | |
| git commit --amend --no-edit | |
| git push --force |